SQL injection

An SQL injection is a type of injection attack wherein a threat actor introduces a malicious SQL code into a database as a way to circumvent web application security measures to reveal sensitive information, destroy it, or tamper with it. This is usually done on vulnerable sites that accept user entries, such as a search box. For an in-depth look at SQL injection, see this page.