What is SQL Injection and How Does it Work
Published in
3 min readMar 15, 2023
SQL Injection is a web hacking technique of inserting SQL commands in user-supplied data fields of web applications and submitting them for execution by the database server.
To perform a SQL injection attack, an attacker inserts malicious SQL code, most often a database query, into a string that’s eventually executed by the database through a web application (e.g. a login form).