SQL injection

SQL injection is a type of code injection technique. It consists of inserting SQL queries into the input data from client to the application. This technique is often used to compromise the security and leak data from databases. SQL injection attacks are not blocked by firewalls since the input data is seen as legitimate input data originated from the client.