Old but still valid examples, why string escaping might not protect you against SQLi
Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end
Ãœberlasse ich jetzt mal den SQL Experten ob die Tipps wirklich so gut sind.