SQL injection, sometimes also referred to as SQLi, is a type of web security vulnerability that allows an attacker to interfere with the queries that an application makes to its own database.

The attacker can view application data that, in normal scenarios, they are not authorized to access or retrieve.

This is mostly data in the application's database that belongs to the users of the application, or any other data that the application has access to.

In such a scenario, an attacker can modify or even delete the data, leading to a persistent change in the behavior or functioning of the application and in its content.

The unauthorized access to the data can sometimes escalate to a situation where the underlying server of the application is compromised or the back-end of the application infrastructure is exposed. In some cases it can lead to a denial-of-service attack on the users of the application.

SQL injection attacks normally lead to unauthorized access to sensitive data such as users' passwords, personal information, or even credit card details that are meant to be private.

Next, we will look at examples of SQL injection attacks at this link: Examples of SQL Injection.

You can also watch a tutorial here on what SQL injection is:

What is SQL Injection?

If you have any questions or comments, do not hesitate to ask us.

Quote: The moon looks upon many night flowers; the night flowers see but one moon. – Jean Ingelow