MOSEB-20: Vulnerabilities at

18:36 20.06.2007

Next participant of the project is WebCrawler search engine. It is one of the popular meta search engines.

The vulnerabilities are at WebCrawler Web Search ( in White Pages search. These Cross-Site Scripting holes I found 26.05.2007.


The vulnerabilities are in qf and qn parameters:

Moral: using white pages search can be dangerous.

Note, that WebCrawler engine belongs to InfoSpace, Inc. So they also responsible for these vulnerabilities.


Also I prepared another interesting bug. So wait for today’s bonus post ;-) .

Leave a Reply

You must be logged in to post a comment.