That "0000000A" looks suspicious to me, because that is a newline in hex. I think it's a cross-site scripting attack. There is a reference to information about such attacks on this page. It includes a download reference for a report called "The Ten Most Critical Web Application Security Vulnerabilities."