SQL injection attack
nouncandidate·updated May 9, 2026
An exploit of target software that constructs structure query language (SQL) statements based on user input. An attacker crafts input strings so that when the target software constructs SQL statements based on the input, the resulting SQL statement performs actions other than those the application intended. SQL injection enables an attacker to talk directly to the database, thus bypassing the application completely. Successful injection can cause information disclosure as well as ability to add or modify data in the database.
Outgoing relationships
No outgoing triples
This term is not the subject of any RDF-style relationship yet.
Incoming relationships
No incoming triples
No other term currently asserts a relationship to this one.