OWASP A7 and A6: Leaky and Unprepared Applications