SQL Injection: SQLi

In a SQL injection attack malicious code is embedded in a poorly-designed application and then passed to the backend database. The malicious data then produces database query results or actions that should never have been executed.