Having spent some time trying to protect web sites from unintended unlocked back doors, I found this article to be extremely interesting. I think that one of the conclusions is quite simply that there are an infinite number of ways to break in to web sites.

Great resource!
http://jeremiahgrossman.blogspot.com/2006/12/top-10-web-hacks-of-2006.html