Joshua Magri
Chicago
Senior Managing Security Consultant at IBM-Think Blog
Featured in: 
securityintelligence.com
Articles
-
3 weeks ago |
ibm.com | Joshua Magri
If you’re not familiar with the implications of being able to execute native SQL queries, then I suggest you read this blog from my teammate, Sanjiv Kawa, about his tool SQLRecon. Obviously, if you can execute SQL queries on a server, then you can dump all data that you have permissions to access, and this could be concerning if sensitive data is stored in the database. However, if you have privileged access to the SQL server, then you can execute code on the underlying operating system.
Try JournoFinder For Free
Search and contact over 1M+ journalist profiles, browse 100M+ articles, and unlock powerful PR tools.
Start Your 7-Day Free Trial →