SoftwareTestPilot

Advanced – Security Testing

SQL Injection – ISTQB Definition

Last Updated: July 12, 2026 · SoftwareTestPilot QA Team

Official ISTQB Definition

A code injection technique that exploits vulnerabilities in the way an application constructs SQL queries.

In simple words

User input ends up as executable SQL and lets attackers read or change the database.

Exam tip

OWASP Top 10 for years — always fixed with parameterised queries.

Related terms

Practice this term in the ISTQB Mock Test

40 CTFL v4.0 questions, 60-minute timer, instant scoring and chapter-wise breakdown.

Practice in Mock Test