Home Forums Article Discussions Article Discussions by Author Discuss Content Posted by Christoffer Hedgate SQL Injection! RE: SQL Injection!
K. Brian Kelley
SSC Guru
Points: 114552
More actions
February 2, 2004 at 1:54 pm
#492549
Well... with cross-database ownership chaining, there is still quite a bit of recon an intruder can do. Hence the reason to use Command objects or the equivalent thereof as well as stringent input validation.
K. Brian Kelley@kbriankelley