Blind SQL injection attacks are a well know and recognized form of code injection attack, but there are many other forms, some not so well documented or understood.

SQL盲注攻击是一种为人熟知的代码注入攻击形式，但是也有很多其他形式，有些尚未得到很好的记载和了解。

youdao

When researchers look for malware and attack vectors, the tendency is to look for vulnerabilities in portals or code.

当研究人员寻找恶意软件和攻击的载体时，他们往往会寻找接口或代码中的漏洞。

youdao

Perhaps the most malicious form of injection attack is code injection—placing new code into the memory space of the running process and then directing the running process to execute it.

最恶劣的注入攻击形式也许是代码注入——将新代码置入正在运行的进程的内存空间，随后指示正在运行的进程执行这些代码。

youdao

Also, client-side JavaScript encryption has its limitations since it would still be susceptible to a server-side code poisoning attack executed either through a man-in-the-middle attack or the service provider acting maliciously or subject to jurisdictional court order.

FORBES: Cryptocat Increases Security In Move Away From JavaScript Web Delivery

This tactic fails too often because criminals are adept at obfuscating their attack code, allowing their activity to remain undetected for long periods of time.

FORBES: To Stop Cybercrime: Understand Crime Logic, And Adapt

The average malware has about 175 lines of code, which can attack defense software using between 5 million and 10 million lines of code.

FORBES: Cyberattacks: Not Just Online, Anymore