Pen Testing: SQL Injection/Injection Flaws

What are SQL Injections/Injection Flaws? Injection Flaws allow attackers to run a malicious command or block of malicious code on the back-end (the database) of a targeted web based application. For example, an attacker may send instructions to a vulnerable back-end database via an SQL command to manipulate the functionality of an application or to steal data.[…]