If the application doesn’t sanitize the user input then the SQL injection happens. Thus a malicious hacker would inject SQL question to gain unauthorized access and execute administration operations on the database. SQL injections may be classified as follows:
Error-based SQL injection
Blind SQL injection
Time-based SQL injection