Next participant of the project is InfoSpace search engine. It is one of the popular search engines (which mainly provide searching in Yellow Pages and White Pages, but also meta searching in Web and others).
The vulnerabilities are at InfoSpace (www.infospace.com) in White Pages search. These Cross-Site Scripting holes I found 27.05.2007.
The vulnerabilities are in qf and qn parameters:
Moral: searching in white pages can be dangerous.
Also I prepared another hole at InfoSpace. So wait for today’s bonus post .