The term most commonly used for
SQL injection.
SQL Injection is when a user inputs a certain code into a PHP automated form which is
vunerable so that the user can obtain valuable informaion, ex. a list of passwords.
You go to a forum and do a member lookup on x' OR
'x' = 'x
The
mySQL query would look something like SELECT * from members WHERE user = x' OR 'x' = 'x'. This query, instead of returning the member "x" would return every member in the database. This isint useful, but in other cases it would be.