SQL Injection - Computer Definition
A security vulnerability occurring in an application’s database layer that is caused by the incorrect delimiting of variables embedded in SQL statements. It is an example of a broader class of vulnerabilities occurring whenever a programming or scripting language is embedded inside another.
An exploit that takes advantage of database query software that does not thoroughly test the query statement for correctness. Along with cross-site scripting (see XSS), SQL injection is used by worms to break into websites and extract data or embed malicious code.