[Aikido] AI Fix for Potential SQL injection via string-based query concatenation

[aikido-autofix]

This patch mitigates SQL injection vulnerabilities by implementing parameterized queries using the mysql library's parameter binding feature.

Aikido used AI to generate this PR.

Low confidence: Aikido has tested similar fixes, which indicate the correct approach but may be incomplete. Further validation is necessary.