SQL injection
What is SQL injection?
SQL injection is a type of attack in which malicious code is injected into the database query string that a web application builds. This may allow the attacker to execute arbitrary commands on the server side of the application. The threat can be mitigated by using prepared statements, which pass input as bound parameters, instead of placing variables directly into the query text.
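The difference between the two approaches, as an added example that is not part of the original page: the same lookup written with string concatenation and with a prepared statement, run against an in-memory SQLite database. The table, the function names and the sample inputs are constructed for illustration.

```python
import sqlite3

# Constructed sample data for this example (not from the original page).
ROWS = [("alice", "alice@example.com"), ("bob", "bob@example.com"),
        ("o'brien", "obrien@example.com")]

def make_db():
    """Create an in-memory database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT PRIMARY KEY, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", ROWS)
    return conn

def lookup_concatenated(conn, name):
    """Vulnerable: the variable is pasted into the query text, so quote
    characters in `name` are parsed as SQL syntax."""
    query = "SELECT email FROM users WHERE name = '" + name + "'"
    return [r[0] for r in conn.execute(query)]

def lookup_prepared(conn, name):
    """Hardened: the query text is fixed and `name` is bound as a parameter,
    so it is only ever compared as a value."""
    query = "SELECT email FROM users WHERE name = ?"
    return [r[0] for r in conn.execute(query, (name,))]

def demo():
    conn = make_db()
    crafted = "nobody' OR '1'='1"   # constructed input containing SQL syntax
    results = {
        "concat_crafted": lookup_concatenated(conn, crafted),
        "prepared_crafted": lookup_prepared(conn, crafted),
        "prepared_apostrophe": lookup_prepared(conn, "o'brien"),
    }
    # A legitimate name with an apostrophe breaks the concatenated query.
    try:
        lookup_concatenated(conn, "o'brien")
        results["concat_apostrophe"] = "ok"
    except sqlite3.OperationalError:
        results["concat_apostrophe"] = "syntax error"
    conn.close()
    return results

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The concatenated query returns every row for the crafted input and fails outright on a legitimate name containing an apostrophe; the prepared statement treats both inputs as plain values.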