SQL Injection

SQL injection is one of the originators of code injection. This is about injecting SQL code into the application to manipulate database queries and to extract more information from the database or to selectively modify data records if applicable. A few years ago, SQL injection was the most frequent web application vulnerability of all. Increasing security awareness has made it less common although many countermeasures today may also be overcome. The high impact of SQL injection has however not been reduced.

Back to the glossary overview