SQL Injection

Users insert invalid values into SQL statements and thereby cause errors in the database, cause a system failure or attempt to gain access to other systems.