[patched] | Phpmyadmin Hacktricks

SELECT user, host, authentication_string FROM mysql.user; SELECT grantee, privilege_type FROM information_schema.user_privileges;

| CVE | Impact | Fixed in | |-----|--------|----------| | CVE-2016-5734 | Brute force using $cfg['AllowArbitraryServer'] | 4.6.3 | | CVE-2018-12613 | File inclusion via target=db_sql.php?/../../ | 4.8.1 | | CVE-2019-12922 | CSRF + RCE | 4.9.0.1 | phpmyadmin hacktricks