<html>
<head>
<title>Example</title>
</head>
<body>
Name: <?php echo $_GET['name']; ?>
</body>
</html>
http://example.com/script.php?name=derick
Name: derick
!
http://example.com/script.php?name=<script>alert('!');</script>
