You have already posted the cause and the fix for the reported issue.
[quote]
Causes: Sanitation of hazardous characters was not performed correctly on user input
Fix: Review possible solutions for hazardous character injection
[/quote]
The issue here is about the lack of validation on your applications user input controls, in this specific instance, a control with an ID of txtAdd2.
For example, if this controls purpose is to accept an number, that is then passed to your store procedure, then you should validate the user has entered a number - before attempting to pass it's value to your procedure.
There are a few articles here that explain the different types of asp.net validation controls available, and examples of their usage ...
This is a good example article.
... hope it helps.