Sep 5, 2018
Great article, but SQLi can lead to Remote Code Execution (RCE) -> Privilege Escalation -> Network Pivoting -> Network Compromise.
If RCE is not possible, then the company’s reputation can be at stake — your app is vulnerable to #1 in the OWASP Top 10, people are scared :)
I do agree that not all vulnerabilities are equal and it depends on context.