Is an SQL injection actually possible by adding a second query?

Question

There\'s a lot of warnings about SQL injections here on SO, but no one I\'ve found doesn\'t really answer, how does it happen? In this question, I\'m assumi

Answer 1

How does a malicious user with no access to the database inject malicious data, if multiple queries aren't even supported?

"SQL injection" is not equal to "second query".

Or are they?

Surely they are.

Second query is just an example. While it can be any valid SQL statement. SQl injection is an exploit of improperly formatted query. If a developer don't format SQL properly, there is a possibility to break from limits of literal and add code to the SQL body.

Is an SQL injection actually possible by adding a second query?

Yes, depends on the API you are using.