I like this post from Smashing Magazine on web security. it is a little geeky, but it is difficult to describe problems such as SQL injection (one of my own battles) without moving past common knowledge. Of course, common knowledge is part of the problem.
