source code comments
1. browser – right click view source
2. firefox plugin firebug
software vulnerabilities are sometimes documented within source code comments.
This often occurs because developers are aware that a particular operation is unsafe, and they record a reminder to fix the problem latter, but they never get round to it.
Example found in a source code
char buf(200): // I hope this is big enough
Searching source code for comments indicating common problems is frequently an effective source of low-hanging fruit.