© Sutton's Sanctuary 2026. All Rights Reserved.
Though rare in recent versions, older phpMyAdmin releases had SQL injection vulnerabilities in its own interface (e.g., CVE-2015-2208, CVE-2016-6628).
Attackers could bypass login or execute arbitrary queries without valid credentials.
phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL/MariaDB over the web. It is frequently targeted by attackers due to its prevalence and potential for privilege escalation.
From phpMyAdmin SQL tab:
SELECT * FROM information_schema.tables INTO OUTFILE '/tmp/db_dump.sql';
Or use built-in export (less stealthy but faster).
In very old phpMyAdmin versions (pre-4.0), /setup/ was accessible and could rewrite config files, allowing authentication bypass or code injection. phpmyadmin hacktricks verified
Once inside phpMyAdmin (with any user-level access), the attack escalates rapidly.
PHPMyAdmin is vulnerable to LFI attacks due to improper input validation. An attacker can exploit this vulnerability to read sensitive files on the server. Though rare in recent versions, older phpMyAdmin releases
Exploitation Steps:
Mitigation:
SELECT * FROM information_schema.SCHEMATA; -- all databases
SELECT * FROM information_schema.TABLES;
SELECT * FROM mysql.user; -- password hashes
Modern MySQL caches authentication plugin data – but authentication_string still yields hash cracking (cached SHA256 or mysql_native_password).
John the Ripper format: mysql_native_password hashes crackable with john --format=mysql-sha1 hash.txt. phpMyAdmin is a free software tool written in
© Sutton's Sanctuary 2026. All Rights Reserved.