John CMS versions 1.0 through 5.1 suffer from a persistent cross site scripting vulnerability.
65f89faf31f51ac39e66872698d33b927f9974d0283f5747f8e77d2023f89e43
sensiGal version 2.0 suffers from a remote SQL injection vulnerability. Note that this advisory has site-specific information.
eb57645bb192ed4c880014c96390361b1fae2f59d207e17c7bf704c561d67e83