When typing <php ?> into the keyword search form you get mysql error.

P.S. There are still XSS vulnerabilities in all search forms.