Attacks & Threats
SQL Injection
Also known as: SQLi
Definition
An attack that inserts attacker-controlled SQL fragments into queries built from untrusted input, allowing data theft, modification, or full database compromise.
SQL injection (SQLi) occurs when an application concatenates user input into SQL statements without proper separation between code and data. By submitting payloads such as ' OR 1=1-- or UNION SELECT, an attacker can bypass authentication, read arbitrary tables, modify or delete records, and on misconfigured databases execute system commands. Variants include error-based, union-based, boolean-based and time-based blind, and out-of-band SQLi. The vulnerability has been a perennial OWASP Top 10 entry. The definitive defence is parameterized queries (prepared statements) with bind variables, layered with input validation, least-privilege database accounts, ORM hardening, and a Web Application Firewall as a compensating control.
Examples
- A login form where submitting the username admin'-- turns the query into username='admin'--' (the password check is commented out) and lets an attacker log in without a password.
- A search endpoint that exposes the password_hash column via a crafted UNION SELECT.
Related terms
NoSQL Injection
An injection attack against document, key-value or graph databases where attacker-controlled operators or JavaScript are smuggled into query objects.
Command Injection
Parameterized Query
Input Validation
OWASP Top 10
Web Application Firewall (WAF)
A reverse-proxy filter that inspects HTTP/HTTPS traffic to block web attacks such as SQL injection, XSS, and bot abuse before they reach the application.