About SQL injection,
I am getting an error in Checkmarx saying that an attacker may provide malicious data via the input argv, which flows through the code without sanitization.
Input argv like below
Can anyone please help me with this? I am stuck with this SQL injection error.
I don’t know what Checkmarx is, but are you using parameters for your SQL statements? That is the standard way to avoid injection. See, for example, https://bobby-tables.com/.
It’s been some time since I did this kind of thing and I did implement some PHP code to prevent SQL injection: I’m sure it involved escaping the input.
I’ve never tried the technique in Python, but I see no reason why that technique would not work.
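
The parameterized-statement advice given in the thread, as an added example that is not part of the original posts: a command-line argument reaching a query by string concatenation (the pattern a static analyzer reports) next to the bound-parameter form, plus an allowlist for identifiers, which placeholders cannot cover. It uses Python's standard `sqlite3` module; the table, columns, function names and sample rows are assumptions constructed for illustration.

```python
import sqlite3
import sys

def make_db():
    # Constructed sample data; schema is an assumption for this example.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (name, role) VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return conn

def find_unsafe(conn, name):
    # Flagged pattern: untrusted text becomes part of the SQL string,
    # so the input can change the structure of the statement.
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()

def find_safe(conn, name):
    # The value is bound to a placeholder and is only ever treated as data.
    sql = "SELECT name, role FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()

ALLOWED_SORT = {"name", "role"}

def list_sorted(conn, column):
    # Placeholders cannot stand in for column or table names, so an
    # identifier taken from input is checked against a fixed allowlist.
    if column not in ALLOWED_SORT:
        raise ValueError("unsupported sort column: %r" % column)
    return conn.execute("SELECT name, role FROM users ORDER BY " + column).fetchall()

if __name__ == "__main__":
    conn = make_db()
    # Constructed default input showing the difference when no argument is given.
    arg = sys.argv[1] if len(sys.argv) > 1 else "x' OR '1'='1"
    print("concatenated:", find_unsafe(conn, arg))
    print("parameterized:", find_safe(conn, arg))
```
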