What type of attack involves the use of malformed SQL queries to bypass security controls?

Prepare for the CISSP Domain 8 – Software Development Security Test. Study with flashcards and multiple-choice questions, each with hints and explanations. Get ready for your exam!

The use of malformed SQL queries to bypass security controls is known as a Query Attack, more specifically referred to as SQL Injection. This type of attack exploits vulnerabilities in applications that improperly handle user input. By crafting specific SQL queries, attackers can manipulate the database into executing unauthorized commands.

In the context of web applications, this means that an attacker can gain unauthorized access to sensitive data, alter data, or even delete it entirely, all without the necessary permission to do so. The essence of a Query Attack lies in its ability to manipulate the SQL queries executed by the application, exploiting the way the application interacts with the database.

Understanding the mechanics of this attack highlights the importance of input validation and proper error handling within application development. These protective measures are key to safeguarding against such vulnerabilities and ensuring application integrity.
