Top ten web application security holes for 2004 Tuesday, February 17, 2004 I heard about this site on TechTV of all places. Not surprisingly, #1 is Unvalidated input.