Nice article on SQL Injection
As the author says there are no ground breaking discoveries in the paper but it does talk about real examples and experiences and does cover the subject quite well as an overview and introduction. The author says he gave this paper as a presentation to the customer involved and their reaction was well worth it.
The paper is based around IIS, ASP.NET and MS SQL Server but that doesn't really matter in this case as the paper is worth reading for the background and the techniques employed. The paper is called "SQL Injection Attacks by Example".
This paper is well written and gives a good example of the thought processes involved in compromising a system using SQL Injection, Steve then goes on to suggest how an attack could be taken further and also talks about how to protect against SQL Injection attacks. As I said this is a very good introduction paper to the technique and well worth reading.