even if *MY server* is protected from harm... the existence of
   an unprotected... input box of some kind could theoretically
   allow code to then manipulate less secured sites. My site shows
   up in their system logs, I'm flagged as a malicious site, shows
   up on those "sites to block" lists on ISPs and boom, my site
   becomes inaccessible -- fasctinating! (no sarcasm here (I rarely
   do sarcasm) ... "