SQL injection is a security vulnerability that occurs in a database layer of an application. It is
technique to inject SQL query/command as an input via web pages. Sometimes we accept input
from the web user and pass that input as parameter to construct a database query dynamically in
the backend to perform search operation in database. Here the question of SQL injection comes.
A intelligently crafted input may produce a result that the application is not supposed to do.