Injection
in general, if a service builds queries by bashing strings together
and any of those strings come from a user,
that service is vulnerable.
A) database (SQL) injection “comes from a user”
data from a database may have originated from a user as well
B) XML injection OWASP XML External Entities (XXE)
(src: Book: release it! - Michael Nygard)