SQL injection (SQLi) is a vulnerability type that allows an attacker to read, write, or erase information from a database by injecting malicious SQL code. This exploit can manipulate database queries, leading to unauthorized access to data.