According to the Cisco 2Q10 Global Threat Report, IPS SQL injection signature firings increased substantially in 2Q10, coinciding with outbreaks of SQL-injection-compromised websites. So, just what is a SQL Injection?
SQL is used to manage the data contained in relational databases, and administer the SQL servers that house that data. A SQL injection attack uses malformed SQL statements in an attempt to override intended behavior and cause the SQL server to act upon the statement in an unintended fashion.
SQL servers that do not properly validate input data, or sanitize output data, can be vulnerable to various types of SQL injection attacks. Successful attacks can lead to a range of possible compromise conditions, including the alteration of contents of a database, sensitive information disclosure, or the control of a SQL server.
Source: Cisco 2Q10 Global Threat Report