Union-Based SQL Injection uses the UNION operator to merge the results of the original query with those from an injected query, allowing attackers to retrieve additional data from the database.

The primary purpose of error-based SQL injection is to extract data by forcing the database to generate error messages. These messages can reveal information about the database structure and contents, aiding the attacker.

Boolean-Based (Blind) SQL Injection infers data by asking TRUE/FALSE questions and observing the application's response. This method relies on the behavior of the application to extract information without directly seeing the data.

Time-based blind SQL injection relies on introducing time delays in the database response to infer information. By measuring the response time, attackers can extract data without visible output, making it a stealthy method.

Out-of-Band SQL Injection extracts data through alternative channels like DNS or HTTP requests, making it effective when other methods fail. This technique allows attackers to retrieve data without directly interacting with the database.

Parameterized queries separate SQL code from data, enhancing security by preventing SQL injection attacks and improving code readability and maintainability.

Input validation is crucial for preventing SQL injection as it ensures that user inputs conform to expected formats, thus blocking malicious data. While parameterized queries also help, the question specifically asks for a validation method.