The correct answer is 'SQL injection'. This type of exploit occurs when an attacker is able to insert or 'inject' a SQL query via the input data from the client to the application. The application, which fails to properly sanitize the input, executes the malicious SQL command, which can lead to unauthorized access to the database, data corruption, or loss of data. Cross-site scripting (XSS) involves injecting malicious scripts into web pages viewed by other users, not executing code on the server. Phishing attacks are types of social engineering that typically involve tricking users into revealing personal information. A buffer overflow exploit takes advantage of a program's inability to handle an excessive amount of data, not improperly sanitized input.