Here are some great reasons to protect yourself from SQL Injection through things like validation (Hannes points out that a typical search for quotes won’t help in this case), using stored procedures and using least priveleged accounts for your webdatabase
Shutdown – Shuts Down SQL Server
Revoke – Revokes user permissions
Grant – Give yourself any permission you want
Drop Table /Index/Rule/Procedure Etc.
Drop Database – ouch!
Sign up for my newsletter so you don't miss my conference & Pluralsight course announcements!