Adminer is a popular PHP tool to administer MySQL and PostgreSQL databases. However, it can be lured to disclose arbitrary files. Attackers can abuse that to fetch passwords for popular apps such as Magento and WordPress, and gain control of a site’s database.

https://gwillem.gitlab.io/2019/01/17/adminer-4.6.2-file-disclosure-vulnerability/