Razican opened this issue 7 years ago · 0 comments
We are detecting false positives in SQL injections where the parameter is an integer (for example #150). We should improve the regular expression so that it specifically finds a paramString as a parameter, shouldn't be too difficult.
paramString