PayPal’s Marketing web service suffered from a remote code execution vulnerability due to running a JDWP server.