Oh no! SQL Injection!

SQL Injection is a way of attacking an application in order to force it to do something that your user doesn’t have permission to do or otherwise break the application. Mostly it comes down to getting the application to return any information you are not supposed to have.