Discuss vulnerabilities in web applications and explain the effectiveness of Passive scanning, Active scanning, Dynamic analysis, and Static analysis. For example, Static analysis examines the web application code from the inside to look for common vulnerabilities such as SQL injection and cross-site scripting, as well as coding errors like buffer overflows and unhandled error conditions. Provide examples in your discussion. 

200 words with reference and citation