Is the open source applications are really secure ?
Suppose we download an eCommerce application or CMS application in open source and start using that, they capture any details of our transactions and updates in our website?/ if is there any facility avail.., to trace out that reporting functions in the application ?

This might be a good read (http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/open-source-security.html) for a general introduction to the topic.

Assessing "how secure" an application is depends mostly on you. I can usually figure out what an application does, if I have the time to waste. Good, detailed documentation is usually a good indicator, as is active and diverse community involvement in the project.

If you have a specific question, please feel free to ask/discuss it here.