You forgot to add the -T switch to turn on taint checking. Since this person is using this data to add to a database, they're probably constructing SQL statements with it. Thus, without taint checking, a savvy cracker can have fun passing values that delete databases, change information they shouldn't, or other nasty things.