The important thing is: don't do it like that.
Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
Fixing that will also fix the problem you have noticed...
using (SqlConnection con1 = new SqlConnection(db.Connectionstring()))
{
con1.Open();
string strSQL = "UPDATE pqsub SET quantity=@QTY WHERE kuligai=@KUL AND color=@COL AND meters=@MET";
using (SqlCommand cmmds = new SqlCommand(strSQL, con1))
{
cmmds.Parameters.AddWithValue("@QTY", txtqty.Text);
cmmds.Parameters.AddWithValue("@KUL", txtkuligai.Text);
cmmds.Parameters.AddWithValue("@COL", txtcolor.Text);
cmmds.Parameters.AddWithValue("@MET", txtmeter.Text);
cmmds.ExecuteNonQuery();
}
}
But if any of those are supposed to be numerical values, you should always check and convert them to an appropriate number variable type using TryParse and pass the number instead. If you start trying to pass user input numbers direct to your DB you are in for a world of pain later on!