lang:

ASP

regex:

CommandText\s*=\s*.*\"\s*\&

description:

Possible SQL Injection
tags:
sql injection
results