SQL injection is a type of cyber attack which inserts nefarious commands into web applications in order to access the contents of a database.
SQL stands for Structured Query Language and is used to communicate with databases. It is considered the standard language for relational database management systems.
User input is frequently sent from the website to the database, either to add to it or modify its contents.