The OWASP Top Ten Vulnerabilities in Web Applications – about half are input validation problems, the other half are due to misuse/misconfiguration. It’d be interesting if someone were to put together a PLEAC type thing for secure coding principles…
From /.:
I like my web servers just like my women…insecure and full of holes waiting to be exploited.