What are the different types of SQL injection?
There are several main types of SQL injection.
- Error-based injection: submitting a malicious SQL statement that makes the program return error messages or exceptions, which expose database structure or data.
- Blind injection: obtaining data by analyzing the program's return results without needing specific error information.
- Time-based blind injection: determining whether the injection succeeded by analyzing the time the program takes to return results, in order to retrieve data.
- Stacked query injection: executing multiple SQL statements in a single request.
- Second injection: using the results of the previous injection to carry out the next injection.
- Union-based injection: merging the results of two queries using the UNION keyword in an SQL statement.
- Injection through stored procedures: injecting by modifying the parameters within stored procedures.
- Injecting through error logs: obtaining data by triggering errors and reading the information in the error logs.
- Injecting through error messages: gaining access to data by crafting malicious SQL statements that trigger database errors.
- Boolean-based blind injection: retrieving data by determining whether conditions are true or false.