Phpmyadmin Hacktricks [verified] Link

If direct file writing is restricted, attackers may enable the General Query Log , set the log file path to a .php file in the webroot, and execute a query containing PHP code to "poison" the log. III. Security Hardening Best Practices

In versions < 4.6.2, a crafted .sql upload combined with preg_replace's /e modifier leads to code execution. Requires $cfg['AllowArbitraryServer']=true . phpmyadmin hacktricks