CompTIA Security+ SY0-701 Practice Question
During a security assessment, you identified that an employee's desktop application for managing customer data allows for executing arbitrary database queries by modifying inputs within the application. This vulnerability can be exploited by attackers to manipulate or exfiltrate sensitive data from the company database. Which specific type of vulnerability does this scenario describe?
Buffer overflow
SQL injection (SQLi)
Directory traversal
Cross-site scripting (XSS)