OWASP (Open Web Application Security Project) maintains a Top 10 list of the most common application vulnerabilities and weaknesses:
- Injection
- Broken Authentication and Session Management
- Cross-Site Scripting (XSS)
- Insecure Direct Object References
- Security Misconfiguration
- Sensitive Data Exposure
- Missing Function Level Access Control
- Cross-Site Request Forgery (CSRF)
- Using Components with Known Vulnerabilities
- Unvalidated Redirects and Forwards
Links
Other links
- Introduction to OWASP
- Secure Coding Practices – Quick Reference Guide