The 2013 edition of the reportlisted Injection vulnerabilities as the number one issue. Injection is a widespread vulnerability that occurs when an attacker is able to inject malicious code into a web application through a vulnerable parameter or input field. Common types of injection attacks include SQL injection, NoSQL injection,listed "Injection" as the #1 vulnerability on the list. Injection vulnerabilities arise when untrusted data is sent to an interpreter as part of a command or query, allowing attackers to inject malicious code or execute unintended actions.