What is a SQL Injection?
SQL injection is a technique for attacking database-backed applications. The attacker inserts SQL statements into an input field of the application, and the application passes them to the database for execution. An attacker can use a vulnerable application to dump the contents of a database, delete the database contents, insert HTML code to perform a cross-site scripting (XSS) attack, and much more.