Quote by Dirk: Just because it throws an SQL error doesn't automatically mean it's "exploitable". Although I have to agree that the forum could do some more thorough parameter checking.
Besides, your first and last example don't do anything.
If you're seriously interested in helping with security issues, please see our
security page.
bye, Dirk