Obtains an administrative login for a SQL database server

Finds and exploits CVSS-SIG vulnerabilities in a particular version of SQL database

Inject information into an SQL server via an undocumented administrative interface

Submits a string that is interpreted as a SQL database command