Web injection

Definition
Web injection is

"[a] type of security exploit in which the attacker adds code to a Web form input box to gain access to resources or make changes to data. Input boxes are typically for user authentication, however most Web forms have no mechanisms in place to block input other than names and passwords. Unless such precautions are taken, an attacker can use the input boxes to send their own request to the database, which could allow them to download the entire database or interact with it in other illicit ways."