An attacker manipulates a web application's database query by injecting malicious SQL code into input fields, allowing them to retrieve, modify, or delete data from the database.

This attack occurs when an attacker exploits a vulnerability in an application to access restricted files or directories on the server by manipulating file paths.

Attacker injects malicious scripts into web pages viewed by other users, typically executed in the victim's browser to steal cookies, session tokens, or perform other malicious actions.