Arbitrary Code Execution Vulnerability in Shenzhim AAPTJS 1.3.1

Arbitrary Code Execution Vulnerability in Shenzhim AAPTJS 1.3.1

CVE-2020-26707 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 which allows attackers to execute arbitrary code via the filePath parameter.

Learn more about our Web Application Penetration Testing UK.