Issue #20: Add parametrized query to avoid SQLi

Signed-off-by: Matheus Horstmann <mch15@inf.ufpr.br>