What Kinds of Damage Can a Malicious Actor Do With a SQL Injection Attack?