The pitfalls quite easy to avoid and yet most often encountered concerning the security of the web sites are in particular: an authentication by a password too flexible, the absence of authentication rules to an account (the only incremental URL enough to access), the lack of encrypted data, the indexing of data in a search engine.
