I believe that everyone has seen a lot about SQL injection, and it is possible that you have invaded someone else's machine or your own server has been invaded (I am also a victim).
So how do you prevent this problem from happening?
A key reason is that the permissions you created by the user are too high. In general, when you create a new user, you will always put the system administrators on this role. The problem is here.
If you just want to operate the database, then remove this, then in the Database Access tab, select the database you want to operate to secure the public, db_owner permissions.
Of course, if you also want to prevent hackers from passing through the database: Database operation directly, try to make a filter processing, such as filtering out "SELECT, UPDATE, DELETE, DROP, etc."! This is safer.
good luck!
Welcome everyone to the issue, continue to express a good idea!
