Which of the following describes SQL Injection?

Study for the Western Governors University (WGU) ITEC2002 D322 Introduction to IT Exam. Utilize flashcards and multiple-choice questions with hints and explanations. Be fully prepared for your exam!

SQL Injection is a code injection technique that exploits vulnerabilities in an application's software, allowing an attacker to interfere with the queries that the application makes to its database. Option B, which describes an attacker executing SQL commands to manipulate a database, accurately reflects how SQL injection works. In a successful SQL injection attack, the malicious SQL code is executed within the database context, enabling the attacker to perform unauthorized actions such as accessing sensitive data, modifying or deleting records, and potentially taking control over the entire database.

This description of SQL injection highlights the fundamental technique used by attackers to manipulate the database through crafted SQL commands that take advantage of weak input validation in applications. A clear understanding of this concept is crucial for identifying and mitigating potential security vulnerabilities in software development.
