Hope everyone is aware of SQL Injection attacks. For people who are new, it is something about intruding in to your SQL Server (DB) by passing some commands through a request.
If the following (0x73656C656374206E616D652066726F6D207379732E6461746162617365733B) value is passed to the SQL Query, it will list all the DBs on the server. Something interesting. So whenever you get a request, check for it.