It never ceases to amaze me how many sites are still vulnerable to SQL Injection. I just stumbled upon a site specifically for SQL Server scripts and it was SQL injectable!
Microsoft OLE DB Provider for ODBC Drivers error ‘80040e14’
[Microsoft][ODBC SQL Server Driver][SQL Server]Unclosed quotation mark before the character string ”.
To all web developers out there - validate all user input always!!! Especially if your backend is Microsoft SQL - it’s just too easy to gain utter and complete control over a system where the web frontend is vulnerable to SQL Injection.
ponders whether he validates all user input…
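The advice to developers above, as an added example that is not part of the original post: a lookup built by string concatenation fails on a stray quote with the same class of error shown above, while the parameterized form treats the quote as data. It assumes Python's sqlite3 as a stand-in for the SQL Server backend; the table, rows and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data: an in-memory table standing in for a script catalogue.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE scripts (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany(
        "INSERT INTO scripts (title) VALUES (?)",
        [("Rebuild indexes",), ("O'Brien's backup job",)],
    )
    return db


def search_concatenated(db, term):
    # Vulnerable pattern: user input becomes part of the SQL text itself,
    # so a quote in the input changes how the statement is parsed.
    sql = "SELECT title FROM scripts WHERE title = '" + term + "'"
    try:
        return [row[0] for row in db.execute(sql)]
    except sqlite3.Error as exc:
        # Returning the raw database error to the caller is what exposes
        # the flaw to any visitor, as in the error message quoted above.
        return "SQL error: %s" % exc


def search_parameterized(db, term):
    # Hardened pattern: the statement text is fixed and the value is bound
    # separately, so quotes in the input are only ever data.
    sql = "SELECT title FROM scripts WHERE title = ?"
    return [row[0] for row in db.execute(sql, (term,))]


if __name__ == "__main__":
    db = make_db()
    for term in ("Rebuild indexes", "'", "O'Brien's backup job"):
        print(repr(term))
        print("  concatenated: ", search_concatenated(db, term))
        print("  parameterized:", search_parameterized(db, term))
```
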