diff --git a/gulliver/system/class.dbMaintenance.php b/gulliver/system/class.dbMaintenance.php
index f4f849bbe..5dbac67aa 100755
--- a/gulliver/system/class.dbMaintenance.php
+++ b/gulliver/system/class.dbMaintenance.php
@@ -502,7 +502,7 @@ class DataBaseMaintenance
 $data .= ");\n";
 }
- $data = $filter->xssFilterHard($data);
+ $data = $filter->preventSqlInjection($data);
 printf( "%-59s%20s", "Dump of table $table", strlen( $data ) . " Bytes Saved\n" );
 return $data;
 }
diff --git a/workflow/engine/methods/users/users_ViewPhoto.php b/workflow/engine/methods/users/users_ViewPhoto.php
index b4fc4cc66..2f2ffd03b 100755
--- a/workflow/engine/methods/users/users_ViewPhoto.php
+++ b/workflow/engine/methods/users/users_ViewPhoto.php
@@ -91,6 +91,9 @@ function DumpHeaders ($filename)
 }
 //$filename = PATH_UPLOAD . "$filename";
+ G::LoadSystem('inputfilter');
+ $filter = new InputFilter();
+ $filename = $filter->xssFilterHard($filename, 'path');
 readfile( $filename );
 }
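Review bot: Running `preventSqlInjection` over the whole serialized dump in `$data` applies an input-sanitising filter to output that has to be restored verbatim, so any quote, keyword or byte it strips or rewrites silently corrupts the backup, and the `Bytes Saved` figure printed on the next line then reports the altered size rather than what the table actually contained. The escaping that protects the generated INSERT statements belongs where each row value is concatenated into `$data`, above this hunk, using the driver's quoting; a post-hoc text filter cannot tell user data apart from the SQL the routine itself emitted, and it cannot be undone on restore. If the call is kept, the assumption it depends on should be stated next to it: `// NOTE: filter must be byte-preserving for valid SQL, otherwise the dump may not restore`. What preventSqlInjection actually rewrites is not visible here, and both the enclosing method and the definition of `$filter` start outside the hunk.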
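Review bot: `xssFilterHard($filename, 'path')` is an output-encoding style filter, not a path check, so on the new side `readfile( $filename )` still serves whatever location the caller supplied as long as the value survives the filter; the missing defence is confinement to the upload directory that the commented-out `PATH_UPLOAD` line hints was intended. Resolve the value with realpath() against PATH_UPLOAD and refuse anything that does not stay under that directory before reading it (if only bare file names are expected, `basename()` first is simpler still). How `$filename` is derived is outside the hunk and DumpHeaders starts above it, so the error path below is a placeholder for whatever the caller expects. A sketch:
```php
// … unchanged: header output …
$base = realpath(PATH_UPLOAD);
$real = realpath($filename);
if ($base === false || $real === false
    || substr($real, 0, strlen($base) + 1) !== $base . DIRECTORY_SEPARATOR) {
    // outside the upload directory (or missing): do not serve it — use the caller's error path
    return;
}
readfile( $real );
```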