PHPit.net has part three of their "PHP & Security" series, showing some example exploits.
In this article we're going to look at three different security cases. In each case I will try to explain the exploit, provide a working example, and then suggest possible fixes to prevent you from making the same mistake. Let's get cracking, shall we?
One of the most common aspects of programming and scripting is security. Every program or script has to think about security, and each language has certain weak points. Actually, it isn't the language that has weak points - it's the programmer who creates weak points. PHP is no exception to this, and security should be at the top when you're creating a new script, no matter how simple or small the script may be.
They cover three different exploits - email injection, view source scripts, and CSRF attacks (Cross-Site Request Forgery). They explain each one - what it is and how to protect yourself against the exploit.




