Several vulnerabilities have been fixed on the latest phpMyAdmin, one of which is:

Local file contains (CVE-2018-19968) – At least the phpMyAdmin version from 4.0 to 4.8.3 has a local file containing vulnerability that allows remote attackers to pass sensitive functions to retrieve sensitive content from local files on the server.

http://aq.mk/index.php/archives/23/