There are several methods to transition from database access to a web shell:
Once inside, the attacker checks SELECT @@version , SELECT @@secure_file_priv , and SHOW VARIABLES LIKE 'basedir' . phpmyadmin hacktricks
Still the most common lab example for version 4.8.0/4.8.1. Attackers use the There are several methods to transition from database