Structured Query Language (SQL) is a special purpose programming language for accessing and updating data in a relational database.

SQL allows an application to succinctly describe the operations to be performed on an underlying data store – either querying one or more tables, or updating or inserting data in those tables.

SQL databases are a commonly used data storage mechanism for web applications, so they have proven to be a common target for hackers. Dynamic pages on a website will often take HTTP parameters and transform them into a SQL queries to extract data from a database. Knowing this, hackers attempt to build malicious HTTP requests in an attempt to [inject code](/exercises/sql-injection].