1-http://www.example.com/dora/default.asp?goster=iletisim You write xss code in page's text box Adý Soyadý Mail Adresiniz Konu Mesajý Press to "gör"(send) button. http://www.example.com//dora/default.asp?goster=emlakdetay&id= [SQL]