Today i'm gonna told you about how did hackers hack websites. Hackers acually found a bug (vulnerability) (Like SQL Injection,XSS,RCE) and try to exploit it. According to Here is a top 2013 common vulnerabilities:
Exploit Means they take a benefit of bugs in websites they found.
A1-Injection.
A2-Broken Authentication and Session Management
A3-Cross-Site Scripting (XSS)
A4-Insecure Direct Object References
A5-Security Misconfiguration
A6-Sensitive Data Exposure
A7-Missing Function Level Access Control
A8-Cross-Site Request Forgery (CSRF)
A9-Using Components with Known Vulnerabilities
A10-Unvalidated Redirects and Forwards