Answer Description
An injection is when a hacker uses a computer language such as PHP, JavaScript, or SQL in an input field to trick a program into running the injected script, thus taking control of the program.
Wikipedia
Code injection is the exploitation of a computer bug that is caused by processing invalid data The injection is used by an attacker to introduce (or "inject") code into a vulnerable computer program and change the course of execution The result of successful code injection can be disastrous, for example, by allowing computer viruses or computer worms to propagate Code injection vulnerabilities occur when an application sends untrusted data to an interpreter Injection flaws are most often found in SQL, LDAP, XPath, NoSQL queries, OS commands, XML parsers, SMTP headers, program arguments, etc Injection flaws tend to be easier to discover when examining source code than via testing
Code_injection - Wikipedia, the free encyclopedia