lang:

PHP

regex:

\"\ *(S|s)(E|e)(L|l)(E|e)(C|c)(T|t)[^"]*"\ *\.\ *\w[^.]*\.\ *\"

description:

Possible SQL injection, ensure all queries are implemented as parameterized queries.
http://cwe.mitre.org/data/definitions/89.html
tags:
sql injection cwe-89
results