MOSEB-16: Vulnerabilities at

21:46 16.06.2007

Next participant of the project is My Way search engine. It is one of the popular meta search engines (in USA).

The vulnerabilities are at My Way ( in search results. These Cross-Site Scripting holes I found 27.05.2007.


The vulnerabilities are in searchfor, st and ptnrS parameters:

Moral: searching in meta engines can be risky.

Note, that My Way engine belongs to IAC Search & Media. So also responsible for these vulnerabilities (as for their own at MOSEB-10 and MOSEB-10 Bonus).

Leave a Reply

You must be logged in to post a comment.