SQL injection

An SQL injection is an attack that passes commands through a vulnerability in an online application using an SQL (Structured Query Language) database. SQL injections are commonly used by hackers to gain unauthorized access to a system, facilitating insertion and manipulation of data, or viewing secure database information. Secure information includes credit card numbers, passwords, etcetera.

SQL injection example

A basic example of an SQL injection technique is to send a true statement through the web application's login. For example, a username and password with ' or '1'='1' or ' or 'a'='a', grants access since these statements are true.

Database terms, Security terms, SQL