in general SQL injection is a code injection technique that might destroy your database. in other way the attackers can have access to all your database information including your email your password your phone number and all your website member details !
gaining access to your database is a big problem all your data will be leaked and hacked also your website members, imagine a big website with big members number hacked ? lets say you have a membership in a website and that website have SQL injection exploit and the hackers attack it
the hackers will have your email and password your phone number and all data you entered in that website !! lets say you use the same password of your facebook account on that password , the hackers will try login to your account and booom all privacy gone , sound scary right ?
lets go bigger than that , country like Thailand have low security in websites , i see a big website and forums in Thailand have SQL injection ,one of million websites have at least from 3000 to 100,000 member in this case hackers exploit SQL injection and collect the data , data of million accounts emails and password’s
what hackers do with that amount of data ? they send scams to the leaked emails , scam is a fake email you got , that email says for example you should update your paypal account , and that email are programmed to link you to a page look exactly like paypal page but instead of sending your email and password to paypal that login page send the information’s for the hackers
other way they have software’s for trying your login email and password on social media websites like facebook twitter and others also google , in that case if you use the same password for all websites you will be hacked !
also some hackers sell that huge amount of data to dark E marketing companies so your email will be of full of scam and false sales and other scam emails
in other way if there is s SQL injection in a website on a server , the hackers will have the admin and password of that website , and try to upload a programmed tool called shell or backdoor to the server !, after that they try to gain the root privilege of the server and thats mean all the websites on that server is hacked
lets say you have secured website but you use shared host with another websites and some of them have SQL injection your website will be able to be hacked !
some other techniques that hacker use to hack a website using SQL injection is to inject that backdoor directly using the database orders AND no NEED to your admin panel and your username and password
Understanding how SQL injection can be so dangerous is what we need to consider
if you want to know if you have that exploit here