I am about to attempt question 10.
The first thing I did was try and learn about cookies. So I found this site.http://en.wikipedia.org/wiki/HTTP_cookie
Actually a good read!
Then going back over what I have learnt I am trying to work out what techniques I should apply here.
We have learnt to read source code
We have learnt to use java injections in the url
We have learnt about unix codes
We have learnt about SSI
So in this instance it looks like there are only 2 of the 4 options above we can apply here.