server-side-attacks

Closed. This question is off-topic. It is not currently accepting answers. Learn more . Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 5 years ago . I found these requests in my servers log file. I am using nodejs on amazon EC2. /manager/html / /manager/html /manager/html /muieblackcat //phpMyAdmin/scripts/setup.php //phpmyadmin/scripts/setup.php //pma/scripts/setup.php //myadmin/scripts/setup.php //MyAdmin/scripts/setup.php /manager/html /manager/html http://hotel.qunar.com/render/hoteldiv.jsp?&__jscallback=XQScript_4 /hybridauth/install.php

Sorry for ask here but I cannot found much reference about pymysql's security guide about how do we prevent sql injection, When I do PHP develope I know use mysql preparedstatement(or called Parameterized Query or stmt),but I cannot found reference about this in pymysql simple code use pymysql like sqls="select id from tables where name=%s" attack="jason' and 1=1" cursor.execute(sqls,attack) How do I know this will prevent sql injection attack or not?if prevent succeed,how do pymysql prevent?Is cursor.execute already use preparedstatement by default? Python drivers do not use real query