SQL injection

nouncandidate·updated May 9, 2026

GlossaryL1 — what DictionaryL2 — how used ThesaurusL3 — relations Universaleverything

Results from failure of the application to appropriately validate input. When specially crafted user-controlled input consisting of SQL syntax is used without proper validation as part of SQL queries, it is possible to glean information from the database in ways not envisaged during application design. (MITRE)

Framework senses

2 senses across 2 frameworks

SANS Glossary of Security Terms1 senseview framework →

§1: SQL injection is a type of input validation attack specific to database-driven applications where SQL code is inserted into application queries to manipulate the database.

ISACA Cybersecurity Glossary1 senseview framework →

§1: Results from failure of the application to appropriately validate input. When specially crafted user-controlled input consisting of SQL syntax is used without proper validation as part of SQL queries, it is possible to glean information from the database in ways not envisaged during application design. (MITRE)