Other then JSOP said the nasty SQL injection is also using the same.
Suppose there's one query
SELECT * FROM Table WHERE userid='"+TextBox1.Text+"';
at a time of passing textbox value as
hiren' OR '1'='1
will make Query looking like this
SELECT * FROM Table WHERE userid='hiren' OR '1'='1'
for getting list of all user information using SQL Injection.
See some more example of Injection
HERE[
^], Please use it for good cause for powering security in your query rather then applying Injection for deflating others.