A Mysql injection is attack tried by site visitors/users to
get/damage data in databases by taking benefit from poor programming of
websites.An injection attack occurs when a visitor to your site types
something into a form input with the purpose of changing the outcome of
your MySQL query. For example, at a login screen someone may try this
type of attack to gain access to a secure area of the website.

If your query to check the username and password entered by the user was this: