The Top 10 Web Application Security Risks are:
* A1: Injection
* A2: Cross-Site Scripting (XSS)
* A3: Broken Authentication and Session Management
* A4: Insecure Direct Object References
* A5: Cross-Site Request Forgery (CSRF)
* A6: Security Misconfiguration
* A7: Insecure Cryptographic Storage
* A8: Failure to Restrict URL Access
* A9: Insufficient Transport Layer Protection
* A10: Unvalidated Redirects and Forwards
A detailed PDF can be downloaded here: http://www.owasp.org/index.php/OWASP_Top_Ten
Yours Michael
http://cwe.mitre.org/top25/