your "Last 10 Searches" script is use my script that i made a few years ago when i still learn in php, and first time make 4shared grabber just before 4shared release their API.
thats script is unprotected. not protected with stripslash, striptags etc
but its look like someone make a litle modification by replacing :// with empty chars to avoid submitted URL and some useless replacement, but he/she not adding strip_tags function.
your site will be bad if some one submiting html tag into your form