Many of the recent high-profile security breaches took advantage of common, well-known software flaws in applications, such as SQL injection, cross-site scripting and buffer overflows. Most of these flaws are inadvertently introduced into software applications during the development process because the developers don't understand security, are rushed for time or are just used to "the way the Web works" without thinking of security implications.
