SQL Injection has brought a lot of awareness over the last few years, from the TJX / Heartland Payment Systems compromise to the mass SQL Injection attacks in 2008, that have continued to spill over into 2009. What was termed as an ‘old school attack’ has certainly demonstrated the ability to continue to be successful. As we move forward and begin to introduce interactive programming techniques like Flash and Ajax that reside on the client, one question must be asked, ‘What’s next for this old school attack?’
