Which security vulnerability involves an attacker injecting malicious SQL code into input fields?

SQL Injection is a security vulnerability where attackers insert malicious SQL code into input fields, such as login forms or search queries, to manipulate the database and perform unauthorized actions. This vulnerability can lead to data breaches, data loss, or unauthorized access to sensitive information stored in the database. Preventative measures include parameterized queries, input validation, and using ORM frameworks.