An issue was discovered in the list function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.

Vulnerability in list function leads to arbitrary code execution via filePath parameters