-In computer security, vulnerability is a major weakness which allow to attacker to get your system data and harm to your system.
-To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness.
SQL Injection is a security vulnerability that enables an assailant to change back-end SQL statements by manipulating the user supplied data.
Injection occurs when the user input and sent to an interpreter as part of command or query and trick the interpreter into executing unintended commands & gives access to unauthorized data.
The SQL query which is executed by web application can also expose the back-end database.
Vulnerable Objects :-
Logging into an application without having credentials.
Valid Username is available, and password is not available.