lang:

C#

regex:

\"\s*[Ss][Ee][Ll][Ee][Cc][Tt][^"]*"\s*\+\s*\w[^+]*\+\s*\"

description:

Possible SQL injection, ensure all queries are implemented as parameterized queries.
http://cwe.mitre.org/data/definitions/89.html
tags:
sql injection cwe-89
results