A number of methods can be used to wreak havoc on your network, including SQL injection, cross-site scripting, bypassing authorization controls, leaking sensitive data, and more.
Over at CMSWiRE you'll find an article, "How They Hack Your Website - Overview of Common Techniques," that touches on several methods used by intruders.
For example, the article shows a few snippets of SQL that might get past your defenses if developers didn't take certain situations into consideration.
Another huge problem is leaking data inadvertently. One misplaced file or Web link could lead to data exposure via search engines.
While you're probably already familiar with the concepts there might be some information in the article that could turn on a few lightbulbs and get you started poking around your own sites to look for weaknesses.