SQL Injection
SQL injection occurs when an application fails to properly validate or parameterize user input before using it in database queries. Attackers may exploit SQL injection to read, modify, or delete data, bypass authentication, or access sensitive records. In bug bounty and application security testing, SQL injection is considered a serious vulnerability because it can directly affect data confidentiality, integrity, and application control.
User Input Entered → Unsafe Query Built → Database Manipulated → Data Risk Created → Parameterized Query Applied
