SQL Injection
SQL injection is the insertion of malicious SQL code through untrusted input that is incorporated into SQL queries. It can lead to data theft, data modification, authentication bypass, or server compromise. Primary mitigation: always use parameterized queries or ORMs, never string concatenation.
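
The difference between string concatenation and a parameterized query, as an added example that is not part of the original page. It uses Python's built-in sqlite3 module with an in-memory database; the table, the function names and the sample rows are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data in an in-memory database (nothing touches disk).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "hash-a"), ("bob", "hash-b")])
    return conn


def login_concat(conn, name, password_hash):
    # Vulnerable: input is spliced into the SQL text, so a quote character
    # in the input changes the structure of the statement itself.
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND password_hash = '" + password_hash + "'")
    return sorted(row[0] for row in conn.execute(sql))


def login_param(conn, name, password_hash):
    # Hardened: the statement text is fixed and the driver binds the values
    # to the ? placeholders, so input is only ever compared as data.
    sql = "SELECT name FROM users WHERE name = ? AND password_hash = ?"
    return sorted(row[0] for row in conn.execute(sql, (name, password_hash)))


def demo():
    conn = make_db()
    crafted = "' OR '1'='1"  # constructed input that contains SQL syntax
    return {
        "concat": login_concat(conn, "alice", crafted),   # every row matches
        "param": login_param(conn, "alice", crafted),     # no row matches
        "valid": login_param(conn, "alice", "hash-a"),    # normal login
    }


if __name__ == "__main__":
    print(demo())
```

The concatenated query also fails on ordinary input such as a name containing an apostrophe, which raises a syntax error instead of returning a result.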