SecGuru has posted (link no longer works, was located at www.secguru.com/web_application_cheatsheet_version_2) a cheat sheet for Web Application Security. There is also an earlier version of the cheat sheet as well.
This is a handy reference, but it is good to keep in mind that no book, or article about security is ever exhaustive or conclusive. It is a good starting point, but you can't assume that it covers every possible security problem your web application could encounter.
Update: Since the link no longer works, I would take a look at the OWASP project instead.