This stored procedure "xp_cmdshell" is very dangerous instruction when Attacker can guess database's account and using xp_cmdshell to get own shell :P
When Database's admin Disable 'xp_cmdshell', We can't get shell from MSSQL. So we have solution to Enable xp_cmdshell from SQL Injection Vulnerability.
**Hidden Content: To see this hidden content your post count must be 15 or greater.**
