Url: http://prdownloads.sourceforge.net/owasp/OWASPT…
This is a great document on the top ten application security holes that many sites are vulnerable to.  These are application holes, not operating system or database security holes.  These are insidious because many applications accidently leave these open in different ways.  This document is great eduction for entire engineering groups on what to avoid in web site development.