Even if it is a 'cookie' problem then it means that user sourced data is not going through an appropriate sanitisation before inclusion in a sql query. This is how sql injection attacks happen. From ...