SQL injection attacks can be categorized into the following two types:
Simple SQL injection
Blind SQL injection
Simple SQL injection
A simple SQL injection attack contains tautology. In tautology, injecting statements are always true. A union select statement returns the union of the intended data with the targeted data. We will look at SQL injection in detail in the following section.
Blind SQL injection
In this attack, the attacker takes advantage of the error messages generated by the database server after performing a SQL injection attack. The attacker gleans data by asking a series of true or false questions.