Filename is seeing as parameter and applied a SQL Injection signature
Hi, the ASM (9.4.4) have a false positive by detecting the filenames as parameter and applying the following SQL injection signature:
False Positive: SQL-INJ "--" (SQL comment) (Parameter)
...