SQL Injection
Users insert invalid values into SQL statements and thereby cause errors in the database, cause a system failure or attempt to gain access to other systems.
Checking User Input in SQL Statements