cjstevenson

icon indicating a website link speedwaymotors.com

icon company Speedway Motors, Inc. icon location Lincon, NE

Results 2 comments of cjstevenson

IN() list queries are not parameterized, causing increased SQL Server CPU usage

So do quoted queries and blackslashes lead to SQL injection attacks? E.g. a value of `legit_value\\'); SELECT * FROM some_table limit 10; -- `. I'm surprised that this is not...

IN() list queries are not parameterized, causing increased SQL Server CPU usage

Thanks for pointing me to the security policy.