The point of an SQL Injection attack is to compromise a database, which is an organized collection of data and supporting data structures. The data can include user names, passwords, text, etc.

While Forristal looked at Microsoft's software first, SQL injection was an industry-wide problem; sites using Java, PHP, ColdFusion, Ruby, and Python have all had SQL injection flaws.

If your eyes glazed over at the recent announcement of an “SQL injection” vulnerability in WordPress, take heart. You’re not alone.

In SQL injection attacks, malicious hackers can take advantage of poorly coded Web application software to introduce malicious code into a company’s systems and network.

The Drupal 7 core is vulnerable to a "Highly Critical" SQL injection bug that could allow an attacker to compromise the site. Written by Larry Seltzer, Contributor Oct. 15, 2014, 9:40 a.m. PT ...

What does SQL injection actually mean? Find out inside PCMag's comprehensive tech and computer-related encyclopedia.

In SQL injection attacks, malicious hackers can take advantage of poorly coded Web application software to introduce malicious code into a company’s systems and network. The vulnerability exists ...