7July_12_2008 Second Order attack
http://www.ngssoftware.com/papers/SecondOrderCodeInjection.pdf
common attacks:
html form embedding
cross-site scripting
sql injection
buffer overflow
file includes
influences on attack:
timing
location
environment
source
first order -- conducted in real time
second order--malicious code stored or used after injection (trojan horse installed)
CLASS 1: frequency-based primary app (top 10 searches, yesterdays' most popular, etc)
CLASS 2: Frequency based secondary app: didn't receive the code, but process stats
   ("top 50  referrers")
CLASS 3: Secondary Support Application- used to internally support primary applications (view info from primary app, help desk, phone support agencies)
CLASS 4: cascaded submission application-apps (or critical app components)--closest store near me
Storage areas
  injected code stored
   temp area (cached data)
   short term storage (daily/weekly logs)
   long term storage (permanently on back sys to be manually recovered)

CLASS 4 ("Advanced SQL Injection in SQL server applications")