mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 18:27:17 +00:00
905 B
905 B
CVE-2023-34634
Description
Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.
POC
Reference
- http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html
- http://packetstormsecurity.com/files/174222/Greenshot-1.3.274-Deserialization-Command-Execution.html
- https://greenshot.atlassian.net/browse/BUG-3061
- https://www.exploit-db.com/exploits/51633