Urban Dictionary: Bypass voting restriction due to HTTP Header Injection

It is possible to bypass the voting restriction by adding a specially crafted HTTP-Header. The underlying algorithm uses the ip address to restirct the voting of a user. However, by manipulating the IP-Adress via adding the HTTP-Header "X-Forwarded-For" it is possible to vote a entry up or down...

Coppermine Photo Gallery Voting Restriction Bypass

The remote host is running Coppermine Gallery - a set of PHP scripts designed to handle galleries of pictures. This product has a vulnerability which allows a remote attacker with cookies disabled to cast multiple votes for a picture. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...