If secure_file_priv is set (prevents INTO OUTFILE ), use the method:
Older versions may have a /setup directory left accessible which can be used to reconfigure the server. phpmyadmin hacktricks
: Specific versions like 4.8.0 and 4.8.1 are vulnerable to a path traversal flaw (CVE-2018-12613). If secure_file_priv is set (prevents INTO OUTFILE ),
: If the MySQL user has file permissions and you know the absolute webroot path, you can write a PHP webshell directly to the server. Local File Inclusion (LFI) to RCE (CVE-2018-12613) but an exposed
These show that a fully patched phpMyAdmin is important, but an exposed, unpatched instance is a disaster waiting to happen.