What is SQL Injection?
An attack where malicious SQL code is inserted into application inputs to manipulate the database.
Why It Matters
SQL injection can expose, modify, or delete entire databases and is one of the most common web vulnerabilities.
Real-World Example
Entering ' OR 1=1 -- in a login form to bypass authentication if the app does not properly sanitise input.
“Understanding terms like SQL Injection matters because it helps you have better conversations with developers and make smarter decisions about your software. You do not need to be technical. You just need to know enough to ask the right questions.”
Related Terms
Sanitisation
Cleaning user input to remove potentially harmful content.
XSS (Cross-Site Scripting)
A security vulnerability where attackers inject malicious scripts into web pages viewed by other users.
OWASP
An open community focused on improving software security, best known for their Top 10 list of critical web security risks.
Validation
Checking that data meets requirements before processing it.
Authentication
The process of verifying who someone is, usually through a username and password.
Authorisation
Determining what actions or data a verified user is allowed to access.