On page 2 of this thread, Sean Lange gives a simple example of dynamic SQL (vulnerable to sql injection), and a parameterized version of the same code.

http://www.sqlservercentral.com/Forums/Topic1566653-392-2.aspx