SQL Injection: Common Mistake
Posted by James Jardine on September 1, 2010 · Comments Off on SQL Injection: Common Mistake
Filed under: Security
Filed under: Security
One of the most common suggestions for remediating SQL Injection vulnerabilities is to use stored procedures. Using stored procedures can help decrease the risk of SQL Injection, but if implemented incorrectly, it can create a false sense of security. For example, look at the created stored procedure below: CREATE PROCEDURE dbo.usp_IsValidUser ( @UserName ...