Wired:

SQL injection vulnerabilities are among the most common vulnerabilities around and have consistently appeared at the top of vulnerability lists for years. The computer security firm Imperva calls it the “most pernicious vulnerability in human computer history” and says that between 2005 and 2011, SQL attacks accounted for 83 percent of data breaches during that period.

And:

When you visit a website, you communicate with an SQL database when you type your credentials into the log-in form, conduct a web site search or submit other kinds of data to the site.

An SQL attack occurs when hackers type SQL query code into that web form, and the web application that processes this input doesn’t properly check and validate it, thereby allowing the attacker to command the database to spill its data.

Interesting read. Good to know.