Vortfu

**Name of the Vulnerable Software and Affected Versions** Drupal Core version 7.70 and prior versions. **Description** The issue is related to an Open Redirect vulnerability that allows a user to be tricked into visiting a specially crafted link, redirecting them to an arbitrary external URL. This is due to insufficient input validation, which can be exploited by a remote attacker to access and compromise confidential data using a specially crafted link. **Recommendations** For Drupal Core version 7.70 and prior versions, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to external URLs to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: EQdkp version 1.3.2f Description: The issue allows remote attackers to bypass user authentication. This is achieved through a SQL injection vulnerability in the login.php file, specifically via the `user id` parameter. Recommendations: For EQdkp version 1.3.2f, avoid using the `user id` parameter in the affected login.php file until the issue is resolved. Consider temporarily restricting access to the login functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.