Walk me through how you would identify and remediate a SQL injection vulnerability in a legacy system.