You aren't using the parameter:
query = "select * from Transactions where id='" + TextBox1.Text + "'";
cmd = new SqlCommand(query, con);
cmd.Parameters.Add("@id", SqlDbType.Decimal).Value = TextBox1.Text;
In this case, the parameter is @id, which you don't refer to and which doesn't contain a Decimal value - it is text. Change it to:
query = "select * from Transactions where id=@id";
cmd = new SqlCommand(query, con);
cmd.Parameters.AddWithValue("@id", TextBox1.Text);
And it should solve your problem.
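An added example, not part of the original answer: the same query with the text box value converted to a decimal first and bound as a typed parameter, so the input never becomes part of the SQL text. The class and method names, the connection string argument and the decimal(18,0) column type are assumptions.

```csharp
using System.Data;
using System.Data.SqlClient;
using System.Globalization;

public static class TransactionLookup
{
    // Returns the matching rows, or null when rawId is not a whole number.
    // rawId stands in for TextBox1.Text; connectionString is supplied by the caller.
    public static DataTable FindById(string connectionString, string rawId)
    {
        // Convert the text before it reaches the database. Anything that is not
        // a plain integer (quotes, SQL keywords, empty input) is rejected here.
        if (!decimal.TryParse(rawId, NumberStyles.Integer,
                              CultureInfo.InvariantCulture, out decimal id))
        {
            return null;
        }

        // The SQL text is a constant; only the parameter value varies.
        const string query = "select * from Transactions where id=@id";

        using (var con = new SqlConnection(connectionString))
        using (var cmd = new SqlCommand(query, con))
        {
            // Typed parameter: the value is sent as a decimal, not as text.
            SqlParameter p = cmd.Parameters.Add("@id", SqlDbType.Decimal);
            p.Precision = 18; // assumed column type decimal(18,0)
            p.Scale = 0;
            p.Value = id;

            con.Open();
            var table = new DataTable();
            using (SqlDataReader reader = cmd.ExecuteReader())
            {
                table.Load(reader);
            }
            return table;
        }
    }
}
```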