Analyze the following hypothetical SQL query construction and backend logic for vulnerabilities: 'INSERT INTO logs (user_id, action) VALUES (' + uid + ', ' + action + ')'. 1. Identify specific types of SQL injection attacks possible here, including time-based blind and second-order injection. 2. Explain why standard prepared statements might fail if the underlying stored procedures utilize dynamic SQL concatenation. 3. Propose a rigorous remediation strategy involving input validation, parameterized queries, and principle of least privilege at the database user level.