For those that love web application security data, WASC has just released their Web Application Security Statistics Report for 2007. Statistics were compiled from several companies, including Booz Allen Hamilton, BT, Cenzic, dblogic.it, HP, Positive Technologies, Veracode, and WhiteHat Security. In total, over 32,000 sites were analyzed, with roughly 70,000 vulnerabilities of different degrees of severity. More information can be found on the Web Application Security Statistics project page at WASC.