Explanation
None of the SQL queries used in the project are sanitised, which makes it highly susceptible to SQL injection attacks. We need to sanitise all queries before they are passed to the database. We do not expect you to sanitise every query in the project, since that would take too much time; sanitise all queries in the pages connected to the home page, which includes the Items page, the Selling page, the Sell page and the transactions. This issue is awarded more points because it involves a larger number of pages.
Possible Way To Fix It
Use pattern matching / text parsing specific to the context to sanitise the SQL queries. Another option is to use the sanitisation feature of SQLAlchemy.
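The following added example (not code from the project) shows the difference between a query that splices user input into the SQL string and the same query with the value passed as a bound parameter; the table name, columns and rows are constructed for the demo, and it uses the standard-library sqlite3 driver so it runs offline, but SQLAlchemy's `text("... WHERE seller = :seller")` with a parameter dictionary binds values the same way.

```python
import sqlite3


def make_db():
    # Constructed in-memory sample database; the schema is assumed, not the project's own.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT, seller TEXT, price REAL)"
    )
    conn.executemany(
        "INSERT INTO items (name, seller, price) VALUES (?, ?, ?)",
        [("lamp", "alice", 12.5), ("desk", "bob", 80.0), ("chair", "alice", 30.0)],
    )
    return conn


def items_for_seller_unsafe(conn, seller):
    # Vulnerable "before": the value is interpolated into the SQL text, so any quote
    # characters in it change the structure of the query.
    sql = f"SELECT name FROM items WHERE seller = '{seller}'"
    return [row[0] for row in conn.execute(sql)]


def items_for_seller_safe(conn, seller):
    # Hardened "after": the value travels as a bound parameter; the driver never
    # parses it as SQL, so the query structure is fixed regardless of the input.
    sql = "SELECT name FROM items WHERE seller = ?"
    return [row[0] for row in conn.execute(sql, (seller,))]


def demo():
    conn = make_db()
    # Classic tautology input used here only to show that the safe version is
    # unaffected by it: it matches no seller, so the safe query returns nothing.
    tainted = "alice' OR '1'='1"
    return {
        "unsafe": items_for_seller_unsafe(conn, tainted),  # every row leaks
        "safe": items_for_seller_safe(conn, tainted),      # []
        "legit": items_for_seller_safe(conn, "alice"),     # alice's items only
    }


if __name__ == "__main__":
    print(demo())
```

The same bound-parameter pattern applies to INSERT and UPDATE statements on the Sell and transactions pages, not only to SELECTs.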
Resources
SQLAlchemy Sanitisation
Bounty Points: 40 - 80, depending on the number of queries sanitised and the amount of logic/code required.