A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application.
https://nodeblogvuln.herokuapp.com/
XSS
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites.
Different kinds
Reflected
Stored
DOM based
LFI and Directory traversal
The File Inclusion vulnerability allows an attacker to include a file, usually exploiting a "dynamic file inclusion" mechanisms implemented in the target application.
Shell injection
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application.