Who doesn't love a Top 10 list? Magazine publishers would have all gone out of business years ago without them. The Open Web Application Security Project (OWASP) publishes their own top 10 list on common app vulnerabilities.
If you are feeling insecure and vulnerable, then let's talk about the OWASP Top 10. We'll touch on each one, and explore where frameworks (i.e. Rails) protect us, and where we actually need to think about security.