An SQL injection vulnerability enables an attacker to inject malicious input into an SQL statement. This attack allows the attackers to view, edit, and delete tables in a database. Additionally, attackers can also obtain administrative rights.

The types of SQL injection are:

  • In-band SQLi: Error-based and Union-based
  • Blind SQLi: Boolean-based and Time-based
  • Out-of-bound SQLi