Which type of cybercrime uses unsanitized input vulnerabilities to access a target database?

The type of cybercrime that exploits unsanitized input vulnerabilities to access a target database is known as an SQL Injection Attack. This technique takes advantage of security weaknesses in applications that enable user input to be improperly validated or sanitized. When an attacker inputs malicious SQL code through fields such as search boxes or forms without adequate filtering, they can manipulate or access the underlying database. This can result in unauthorized viewing of data, modification, or even deletion of records within the database.

By executing specially crafted SQL statements, attackers can bypass normal application security controls, gaining access to sensitive information stored in the database. Given the prevalence of databases in modern applications and the critical need for proper validation of user-supplied input, SQL Injection has become a significant concern in cybersecurity.

The other types of attacks mentioned do not directly involve exploiting unsanitized input. Phishing attacks primarily trick users into revealing sensitive information through deception rather than exploiting input vulnerabilities. Privilege escalation attacks generally involve exploiting flaws that allow users to gain higher access levels than authorized, rather than targeting input sanitation issues. External attacks could encompass a wider range of intrusion techniques that don't specifically focus on database vulnerabilities. Thus, SQL Injection meticulously illustrates the critical nature of input validation in protecting against data breaches.