A web application accepts user input and directly includes it in SQL queries without sanitization. An attacker submits a single quote (') to cause a syntax error. What is this attack called?
The description matches SQL injection.
Why this answer
SQL injection occurs when user input is not sanitized and alters SQL query structure.