What is SQL Injection? Definition & Explanation

SQL injection (SQLi) is a web application vulnerability in which an attacker inserts malicious SQL fragments into application inputs that are concatenated into database queries — manipulating query logic to bypass authentication, exfiltrate data, modify records, or execute commands on the database server.

In-Depth Explanation

SQLi sub-types include in-band (results returned in the response — classic UNION-based and error-based), inferential/blind (boolean-based, time-based — data extracted one bit at a time via response differences), and out-of-band (data exfiltrated via DNS or HTTP callbacks).

Famous SQLi attacks include the 2008 Heartland Payment Systems breach (130M cards), the 2011 Sony Pictures hack, the 2014 JPMorgan Chase breach, and the 2018 Magento Magecart card-skimming campaigns.

Detection and exploitation tools include sqlmap (the de facto SQLi tool), Burp Suite Scanner, Acunetix, Invicti (formerly Netsparker), and OWASP ZAP.

Defenses are well-understood: use parameterized queries (prepared statements) or stored procedures, never string-concatenate user input into SQL, employ ORMs that parameterize by default, apply the principle of least privilege to DB accounts, deploy a Web Application Firewall (Cloudflare WAF, AWS WAF, Imperva, Akamai) for defense-in-depth, and run continuous DAST scanning in CI. Despite being well-understood for over 25 years, SQLi remains in the OWASP Top 10 (A03 Injection in 2021) because new applications continue to ship vulnerable code.
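The concatenation bug and the parameterized-query defense described above, as an added example using Python's sqlite3 module (this is not code from the original page; the table, users and inputs are constructed for the demo):

```python
import sqlite3

def make_db():
    # Constructed in-memory table with two example users (sample data, not from the page).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "correct horse"), ("o'brien", "battery staple")])
    conn.commit()
    return conn

def login_vulnerable(conn, username, password):
    # Vulnerable: input is concatenated into the SQL text, so a quote in the input
    # closes the string literal and whatever follows is parsed as SQL.
    sql = ("SELECT COUNT(*) FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchone()[0] > 0

def login_parameterized(conn, username, password):
    # Hardened: placeholders fix the query structure up front; the driver passes the
    # input as data, so a quote in it is compared as a character, never parsed.
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()[0] > 0

def demo():
    # Constructed inputs: a valid pair, a legitimate name containing an apostrophe,
    # and the textbook tautology that makes the WHERE clause true for every row.
    conn = make_db()
    valid = ("alice", "correct horse")
    apostrophe = ("o'brien", "battery staple")
    tautology = ("alice", "' OR '1'='1")
    results = {
        "vulnerable_valid": login_vulnerable(conn, *valid),
        "vulnerable_tautology": login_vulnerable(conn, *tautology),
        "parameterized_valid": login_parameterized(conn, *valid),
        "parameterized_apostrophe": login_parameterized(conn, *apostrophe),
        "parameterized_tautology": login_parameterized(conn, *tautology),
    }
    try:
        login_vulnerable(conn, *apostrophe)
        results["vulnerable_apostrophe"] = "ok"
    except sqlite3.OperationalError:
        # The stray quote breaks the query: the same bug that enables injection also
        # breaks honest input, which is one way such flaws surface in error logs.
        results["vulnerable_apostrophe"] = "syntax error"
    return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The vulnerable version accepts the tautology input and fails on a legitimate apostrophe; the parameterized version rejects the tautology and handles the apostrophe correctly.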

Why It Matters for Security

SQL injection is one of the oldest web vulnerabilities (first documented in 1998) yet remains one of the most prevalent — appearing in nearly every web application pentest. A single SQLi flaw can lead to full database extraction, authentication bypass, and often remote code execution on the database server. Modern frameworks make SQLi structurally avoidable through parameterization, but legacy code, misused ORMs, and string-concatenated raw queries continue to produce vulnerabilities.

Frequently Asked Questions

What does SQL Injection mean in cybersecurity?

SQL injection (SQLi) in cybersecurity is a web application vulnerability that lets attackers insert malicious SQL fragments into application inputs that are concatenated into database queries — manipulating query logic to bypass authentication, exfiltrate data, modify records, or execute commands on the DB server.

Why is SQL Injection important?

SQL injection matters because it remains one of the most prevalent web vulnerabilities despite being well-understood for over 25 years. A single SQLi flaw enables full database extraction and often remote code execution. Defenses (parameterized queries, ORMs, WAF, DAST in CI) are well-known but still inconsistently applied.