The OWASP Top 10 Web Application Security Risks for 2010 are:

  • A1: Injection
  • A2: Cross-Site Scripting (XSS)
  • A3: Broken Authentication and Session Management
  • A4: Insecure Direct Object References
  • A5: Cross-Site Request Forgery (CSRF)
  • A6: Security Misconfiguration
  • A7: Insecure Cryptographic Storage
  • A8: Failure to Restrict URL Access
  • A9: Insufficient Transport Layer Protection
  • A10: Unvalidated Redirects and Forwards