Database injections (such as SQL injections) occur in an application when the
application retrieves data from a user or a third-party service and inserts it
into a database query without sanitizing it first.

If an application contains a database query that is vulnerable to injections,
it is exposed to attacks that target any database where that query is used.

A user with malicious intent carefully performs actions whose goal is to modify
the existing query to change its logic to a malicious one.

After creating the malicious request, the attacker can attack the databases
affected by this vulnerability without relying on any pre-requisites.