It is not a good idea to concatenate string together to form queries. That leaves you susceptible to SQL Injection. You should be using parameterized queries. Also, your syntax is not spaced correctly for your query.
Use something like this:
c1.cmd.CommandText = "UPDATE tablename SET avail=@k WHERE date between @start and @end";
c1.cmd.Parameters.AddWithValue("@k","NO");
c1.cmd.Parameters.AddWithValue("@start",DateTime.ParseExact(TextBox10.Text, "dd-MM-yyyy", System.Globalization.CultureInfo.InvariantCulture));
c1.cmd.Parameters.AddWithValue("@end",DateTime.ParseExact(TextBox11.Text, "dd-MM-yyyy", System.Globalization.CultureInfo.InvariantCulture));
The "tableName" should be replaced with the name of the table you want to updated. If the table is dynamic as well, then you can use the initial method you tried with the tablename I suppose.