If you type 105, the query works as intended. But if an attacker enters 105 OR 1=1, the query becomes:

SELECT * FROM Users WHERE UserId = 105 OR 1=1;

Since 1=1 is always true, the database will return every single user record in the system, potentially bypassing the login entirely.

Common Types of SQL Injection

Imagine a simple login page. When you type in your ID, the backend might run a piece of code like this:

txtSQL = "SELECT * FROM Users WHERE UserId = " + txtUserId;

By manipulating these inputs, hackers can trick the database into running commands it was never meant to execute, such as:

At its core, SQL injection (SQLi) is a code injection technique where an attacker inserts malicious SQL statements into entry fields for execution. This typically happens when an application asks for user input—like a username or a search term—and then directly includes that input in a database query without proper cleaning or "sanitization".

Attackers use several different "flavors" of SQLi depending on how the application responds: