Submit #802081: dubydu sqlite-mcp 0.1.0 Pathname Traversalinfo

Titledubydu sqlite-mcp 0.1.0 Pathname Traversal
DescriptionThe extract_to_json MCP tool writes query results to the caller-controlled output_filename with no root restriction. The code appends a .json suffix if needed, but it does not canonicalize the destination or confine it to the database directory. This allows an attacker to write database contents to an arbitrary JSON path writable by the service account.
Source⚠️ https://github.com/dubydu/sqlite-mcp/issues/1
User SmallW (UID 97245)
Submission04/10/2026 14:46 (3 months ago)
Moderation04/27/2026 16:05 (17 days later)
StatusAccepted
VulDB entry359806 [dubydu sqlite-mcp up to 0.1.0 src/entry.py extract_to_json output_filename sql injection]
Points19

Do you need the next level of professionalism?

Upgrade your account now!