Home
HomeGlossarySQL Injection

SQL Injection

MITRE ATTACK layer: Initial Access

ON THIS PAGE

Unlock 442% ROI*

Control all your endpoints in a single platform.

4.6/5
Book a Demo

*Return on investment over three years as per the Total Economic Impact™ (TEI) study by Forrester

SQL Injection is what happens when an application blindly trusts user input and feeds it into a database query. Instead of data, the attacker sends instructions, and the database obediently executes them. It’s a trust failure between application logic and the database layer. Modern SQLi rarely looks like ' OR 1=1 --. Today it’s subtle and often buried inside JSON APIs, GraphQL resolvers, or legacy admin panels.

How is SQL Injection abused

Attackers inject SQL through inputs that developers assume are harmless like filters, sorting fields, API parameters or internal admin tools. Modern SQLi is usually blind or out-of-band, relying on timing delays, boolean responses or DNS callbacks, not error messages. Second-order SQLi stores the payload safely first, then executes it later in a different code path.

Why SQL Injection matters

SQLi gives attackers direct control over data to read, modify or delete at will. It bypasses authentication, breaks business logic and enables full database exfiltration. Breaches are often discovered months or years later, when damage is irreversible.

Real-world example

MOVEit Transfer breach

Attackers exploited a SQL injection flaw in MOVEit Transfer web application. The payload allowed unauthenticated SQL execution, letting attackers enumerate databases, steal file metadata, and directly extract sensitive files stored for transfer, which exposed exposed data of about 100 million individuals. It wasn't a single-company breach but a cascading supply-chain failure for 2,500+ organizations.

Source

Get the full attack repository

Get our entire attack repository in a single, offline-ready PDF guide, featuring 25+ real-world attacks.

Please enter a valid email.Please enter a email.
By clicking 'Download EBOOK', you agree to processing of personal data according to the Privacy Policy.

Related topics

Initial Access
Cross-Site Scripting
Read more
Initial Access
Drive-by Download Attack
Read more
Initial Access
Shadow IT
Read more

Additional Resources

Research
Achieve 442% ROI and reduce patching time by 95% — Forrester TEI Report

See how organizations gained 442% ROI and major efficiency improvements with Endpoint Central.

Read more
Security validation
Experience enterprise-grade protection proven in real-world tests — AV-Comparatives Report

Discover how Endpoint Central’s antivirus earned recognition through rigorous, real-world security validation in just eight months.

Read more
Guide
Simplify endpoint security and build cyber resilience — Endpoint Security For Dummies

Get a clear, practical guide to understanding threats and strengthening your organization’s security.

Read more

Trusted by

Unified Endpoint Management and Security Solution
Patch ManagementSoftware DeploymentEndpoint SecurityOS DeploymentAsset ManagementMobile Device MgmtTools & Configurations