Tip! Do not use SQL Queries in your URL string


US Operations
Staff member
I am seeing a LOT of SQL Injections in logs, but what is more troubling is seeing how many people have saw SQL Queries in their URL String to pass along to the SQL Server in day to day working websites.

With this type of url, you are giving an open invitation to have your entire DB trashed, and anything in it exposed, along with any user/passes/emails etc.

I am working to block SQL injections on servers by URL string, and seeing loads of very badly coded side with major problems in their parameters and URLs.