SQL injection occurs when a web application doesn’t properly validate or sanitize user input that is used in SQL queries. Attackers can exploit this by injecting malicious SQL code into the input fields of a web application, tricking the application into executing unintended database queries.
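The difference between concatenating input into a query and binding it as a parameter, as an added example that is not code from the affected application or from the template. It uses Python's `sqlite3` with an in-memory database so it runs offline; the `tasks` table, its columns, the function names and the sample inputs are all constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data; table and column names are hypothetical.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tasks (id INTEGER PRIMARY KEY, owner TEXT, title TEXT)")
    db.executemany(
        "INSERT INTO tasks (owner, title) VALUES (?, ?)",
        [
            ("alice", "Write report"),
            ("bob", "Rotate API keys"),
            ("bob", "Patch server"),
            ("o'brien", "Review logs"),
        ],
    )
    return db


def tasks_vulnerable(db, owner):
    # Weak: the input becomes part of the SQL text, so a quote character in it
    # ends the string literal and whatever follows is parsed as SQL.
    query = "SELECT title FROM tasks WHERE owner = '" + owner + "'"
    return [row[0] for row in db.execute(query)]


def tasks_parameterized(db, owner):
    # Hardened: the SQL text is fixed and the input is bound as a value,
    # so it is compared as data and never parsed as SQL.
    query = "SELECT title FROM tasks WHERE owner = ?"
    return [row[0] for row in db.execute(query, (owner,))]


# Constructed input containing SQL syntax.
CRAFTED = "alice' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, crafted input:   ", tasks_vulnerable(db, CRAFTED))
    print("parameterized, crafted input:", tasks_parameterized(db, CRAFTED))
    print("parameterized, o'brien:      ", tasks_parameterized(db, "o'brien"))
    try:
        tasks_vulnerable(db, "o'brien")
    except sqlite3.OperationalError as exc:
        # A legitimate apostrophe breaks the concatenated query; such SQL
        # syntax errors in application logs are a sign of this defect.
        print("vulnerable, o'brien: SQL error:", exc)
```

The concatenated query returns every row for the crafted input and fails outright on a legitimate name containing an apostrophe, while the parameterized query treats both inputs as plain values.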
View the template here: CVE-2022-40032.yaml
References:
https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html