Depends on how the database/system is implemented?
Part 1: Getting access to the database.
SQL injection through web applications is usually the most common ways, as web applications are so common these days. What people sometimes forgot is that binary/native/thick applications can also communicate with databases, and sometimes a network port is available. But usually if the application is in the public domain a web gateway is used to proxy the database traffic; as opposed to internal (eg. corporate) domains will have the databases accessible across an internal network.
With logical acces