A very very long sessionid - http://thedailywtf.com/forums/67130/ShowPost.aspx

Validation at XML - http://www.thedailywtf.com/forums/68318/ShowPost.aspx

Use shell script at web application - http://thedailywtf.com/forums/thread/78846.aspx