Users of the SAK.fi single-page application website have spotted coming-in request validation vulnerabilities. One user also found that the website was vulnerable to xss and Cross-Site Request Forgery (CSRF) Attacks. SC5 online ltd helped SAK develop their new site as a fast-loading single-page application (SPA). One of their key developers Martti Malmi is said to have also helped develop the POP Vakuutus that is vulnerable to HTML5 attacks.
Attempts to reach either company have bore no fruit but we hope that users can be careful while using such websites.

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic