You have not defined the column names.
cmd.CommandText = "insert into " + table (colA, colB) + "values ('" + textBox1.Text + "', '" + textBox2.Text + "');";
As an aside, you should look at c
ommand parameters[
^].
Queries like this are dangerous -
SQL Injection[
^].