websecurity@lists.webappsec.org

The Web Security Mailing List

Bypassing filters for conducting XSS attacks and Information Leakage in local search engines

MustLive
Thu, Feb 28, 2013 6:28 PM

Hello participants of Mailing List.

This month I've written two new articles. So I'll tell you briefly about my
last publications about bypassing filters and Information Leakage in local
search engines. These topics should be interesting for you (especially for
those who haven't read them before).

  1. Bypassing filters for conducting XSS attacks
    http://websecurity.com.ua/6323/

In this article I've told about my research (made on 3rd of February 2008)
about bypassing filters for conducting XSS attacks at web sites.
Particularly with using special characters for dividing a tag's name and
its properties. The results of an updated test of all my browsers are present
(11 browsers - different versions of Mozilla, Mozilla Firefox, Internet
Explorer, Chrome and Opera).

The program for testing of the browser for supported characters for XSS
attacks is placed at my site (http://websecurity.com.ua/xss_evasion/).

  2. Information Leakage in local search engines
    http://websecurity.com.ua/6354/

In this article I've told about an advanced method of finding Information
Leakage vulnerabilities, which I've developed in January 2008. Unlike google
hacking, about which I've written multiple articles and showed multiple
examples of how to find millions of Full path disclosure and Information
Leakage vulnerabilities, in this case I wrote about using local search
engines. On the example of one local search engine I showed how it could be
vulnerable to Information Leakage. Particularly it can lead to Source Code
Disclosure, which allows leakage of logins, passwords and other sensitive
information (from sources of the scripts).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
