aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
The client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server.