SQL Injection
An attack in which SQL database queries are passed on to the application ("injected") via the input fields of a web application and are then executed through a weak point in the application. Queries of this sort may disclose confidential information or manipulate the data in the database.