Next participant of the project is Yahoo search engine. It is 2nd of the top search engines in world.
The vulnerability is in Image Search of Yahoo! Search (http://images.search.yahoo.com). This Cross-Site Scripting hole I found 08.04.2007.
The vulnerability is in rcurl parameter:
Moral: searching for images can be dangerous.