As a follow up to my post on preventing SQL Injection Attacks a couple of months ago I just found this little nugget, I Made a Difference[^], and it shows what can be achieved if you don't secure against SQL Injection attacks - and with only 3 hours of effort. Obviously, if you have access to the source code you will be able to launch an attack much quicker.
The original link seems to have disappeared. See the Wayback Machine for an archived copy
NOTE: This was rescued from the Google Cache. The original date was Wednesday 17th November, 2004.
Tags: 
sql 
sql injection 
sql injection attack