I which forms can visiting certain sites compromise one's system security, taking into account that browsers keep a sandbox for each opened page?
Nowadays, can a malicious -or attacked- site really, for instance, steal all stored passwords from a client or infect him with a virus?
Your initial assumption may be misguided in terms of security. A properly implemented sandbox should make you safe, however because people like a full featured Internet experience, there is rarely a properly implemented sandbox. Instead, you have flash, plugins, javascript etc.
So the simple answer is that yes, a malicious site can take complete control over your computer and look at, modify or destroy anything on your computer!
Yes, a website can exploit holes in a browser and place a shell on the computer giving it total access to passwords, installing root kits, etc.
Don't take our word for it. Test it: http://www.offensive-security.com/metasploit-unleashed/Browser_Autopwn
But, I think you may have left out some assumptions from your question.
