Infodrom Software CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Infodrom Software CVE published 2023-07-25

CVE-2023-35067

CVE-2023-35067 is a high-severity information disclosure issue in Infodrom E-Invoice Approval System before v20230701. According to the published description, the product stores a password in plaintext, which can allow sensitive strings to be read from an executable. The NVD record rates the issue as network-reachable, no-authentication, no-user-interaction, with high confidentiality impact.

CRITICAL Infodrom Software CVE published 2023-07-25

CVE-2023-35066

CVE-2023-35066 is a critical SQL injection vulnerability in Infodrom's E-Invoice Approval System affecting versions before v.20230701. The issue was published on 2023-07-25 and is mapped to CWE-89, with NVD listing a CVSS 3.1 vector of network-accessible, no-authentication, no-user-interaction impact rated 9.8 Critical.