What is Web Application Penetration Testing?

What is a vulnerability?

System.Data.Edm.EdmEntityType: : EntityType '???' has no key defined. Define the key for this EntityType

System.Collections.Generic.IEnumerablexxx does not contain a definition for 'PageCount' and no extension method 'PageCount'

Microsoft Entity Framework

asp.net MVC GetGoogleHtml Analytics

To identify vulnerabilities and risks: active analysis of the application for any weaknesses, technical flaws, or vulnerabilities.
 1) Known vulnerabilities in COTS applications
 2) Technical vulnerabilities: 
    URL manipulation, 
    SQL injection, 
    cross-site scripting, 
    back-end authentication, 
    password in memory, 
    session hijacking, 
    buffer overflow, 
    web server configuration, 
    credential management, 
    Clickjacking, etc.,
 3) Business logic errors: 
    Day-to-Day threat analysis, 
    unauthorized logins, 
    personal information modification, 
    pricelist modification, 
    unauthorized funds transfer, 
    breach of customer trust etc.