Ok, quite simply there were security holes in some of the scripts.
So, you could feed a weird ?blah=blah&blah=blahblah string to the end of an URL, or enter weird text into a post and get access to things you shouldn't.
Thats basically what an exploit is, when you talk about it in website...