SQL Injection

Users insert invalid values into SQL statements and thus cause errors in the database, cause a system failure or attempt to gain access to other systems.