List of vulnerabilities I have reported from public web-sites below.

Site Issue Notification Responded Status Comments
https://todentaminen.posti.fi/ Cross-site scripting vulnerability 2018-11-06 2018-11-10 Fixed
http://www.vepsalainen.com/ Multiple Cross-site scripting vulnerabilities and configuration issues 2016-11-10 2016-11-11
http://www.tulospalvelin.fi/ Multiple Cross-site scripting and SQL-injection vulnerabilities 2015-12-30 No. Only error messages from SMTP server. Reported to CERT-FI 2015-12-31
https://support.proofpoint.com/ Cross-site scripting 2015-12-23 Yes: 2015-12-24 Fixed: 2015-12-24
http://deloitte.smartpage.fi/ Reflected Cross-site scripting 2015-07-29
http://lounaslistat.lounastauko.fi/ Reflected Cross-site scripting 2015-07-28
http://www.varty.fi/ Reflected Cross-site scripting, SQL injection 2015-07-26
http://kuvat.fi/ Reflected Cross-site scripting 2015-07-26
http://purait.fi/ SQL injection 2015-07-26
http://www.edentherapy.fi/ Reflected Cross-site scripting, multiple SQL injections 2015-07-26
http://www.cyberphoto.fi/ Reflected Cross-site scripting 2015-07-26
http://www.jpv-engineering.fi/ Reflected Cross-site scripting, multiple SQL injections 2015-07-26
http://www.carawayfinland.fi/ Reflected Cross-site scripting 2015-07-26
http://jykifix.fi/ Reflected Cross-site scripting, multiple SQL injections 2015-07-26
http://www.vistovin.fi/ Reflected Cross-site scripting, multiple SQL injections 2015-07-26
http://www.mobilehouse.fi/ Reflected Cross-site scripting, multiple SQL injections 2015-07-26
http://www.passiv.fi/ Reflected Cross-site scripting, three SQL injections 2015-07-26
https://www.keksihylly.fi/ Reflected Cross-site scripting 2015-07-26
http://careers.raasepori.fi/ Reflected Cross-site scripting 2015-07-26
http://www.raivolanpakkaus.fi/ Reflected Cross-site scripting, SQL injection 2015-07-26
http://www.rondo.fi/ Reflected Cross-site scripting 2015-07-26
http://www.ratkojat.fi/ Reflected Cross-site scripting 2015-07-20 Yes: 2015-07-21 Fixed: 2015-07-21
http://www.autopurkaamot.com/ Reflected Cross-site scripting 2015-07-16 Yes: 2015-07-16 Fixed: 2015-07-16
http://www.marjam-interior.fi/ Cross-site scripting 2015-06-11 No
http://www.stadium.fi/ Cross-site scripting 2015-06-09 No
http://lammi.hakemistokeskus.fi/ Cross-site scripting 2015-05-28 No
http://www.yrityswiki.fi/ Cross-site scripting 2015-05-28 No
http://www.kauppila.fi/ Cross-site scripting 2015-05-16 No
http://parapara.fi/ SQL injection 2015-05-13 No
http://shops.fi/ SQL injection 2015-05-03 No Fixed: 2015-05-15
http://www.webinfohelsinki.fi/ Cross-site scripting 2015-05-04 Yes: 2015-05-05 Fixed: 2015-05-05
http://www.ompelijanmaailma.fi/ Cross-site scripting 2015-04-19 Yes: 2015-04-20 Fixed: 2015-04-20
http://www.pulju.net/ Cross-site scripting 2015-04-18 Yes: 2015-04-23 Fixed: 2015-04-25
http://nella.tampere.fi/ Cross-site request forgery 2015-04-15 Yes: 2015-04-15
http://pizzaverkko.fi Cross-site scripting 2015-04-07 Yes Fixed Received coupon of 10€
http://chilitarvike.fi Cross-site scripting 2015-02-25 Yes 2015-02-26 Fixed: 2015-02-26
www.kauppasatama.fi Cross-site scripting 2015-01-07 No Fixed
http://www.seri-deco.fi/ Cross-site scripting 2015-01-06 No Yes: 2015-01-15
kauppakv.fi Cross-site scripting 2015-01-05 Yes: 2015-01-08 Fixed thl.fi responded
tietopulssi.terveystalo.com Cross-site scripting 2015-01-05 Yes: 2015-01-08 Fixed
vilane.com Varian-system SQL-injection 2014-11-03 Yes 2014-11-03 Fixed
whereigotthat.com Malicious file, compromised site used in other attacks 2014-08-16 Yes 2014-08-20 Fixed
soulmadecosmetics.nl Malicious file, compromised site 2014-08-03 Yes 2014-08-02 Fixed
https://mhhkiweb1.matkahuolto.fi/ Cross-site scripting vulnerability 2014-05-18 Yes 2014-05-19 Fixed 2015-06-06 Contacted CERT-FI 2015-06
https://pizza-online.fi/ Cross-site scripting vulnerability, Cross-site request forgery 2014-01-13 Yes 2014-13 Fixed CTO responded and gave money to site account for food :)
Azure cloud server Compromised virtual server attacking other hosts 2014-01-11 Yes 2014-11 (ticket was closed 2014-11-18) Fixed Microsoft Online Services Security Incident Response Team responded
http://www.viherpeukalot.fi/ Cross-site scripting 2012-06-04 Yes 2012-06-04 Fixed