A design flaw in the file transfer interaction between a client host and a MySQL server allows the latter to request from the former any data the client user has read access to. […]
Article Link: https://www.bleepingcomputer.com/news/security/mysql-design-flaw-allows-malicious-servers-to-steal-files-from-clients/