Adminer
During the late stage of the Web enumeration phase, a new file has been unveiled from fuzzing the newly discovered directory; /utility-scripts/adminer.php
It’s a login page of Adminer
adminer (formerly known as phpMinAdmin) is a tool for managing content in databases. It natively supports MySQL, MariaDB, PostgreSQL, SQLite, MS SQL, Oracle, Elasticsearch and MongoDB. Adminer is distributed under Apache license (or GPL v2) in a form of a single PHP file (around 470 KiB in size). Its author is Jakub Vrána who started to develop this tool as a light-weight alternative to phpMyAdmin, in July 2007. Adminer got some attention in 2008 when it made it to the CCA finals at SourceForge. Also, first webhosting providers started to include Adminer as MySQL managing tool into their portfolio of services. In 2012 Adminer got coverage on Linux.com for the second time. The project’s priorities, according to its author, are (in this order): safety, user-friendliness, performance, functionality, and size.
I tried all the credentials found up until now, but none of them worked
Vulnerability
Since the version information is disclosed, I will look for vulnerabilities online
Adminer 4.6.2
Looking it up online reveals a single vulnerability; CVE-2021-43008
This seems to be remote file read vulnerability, achieved through a rogue MySQL server and it doesn’t seem to require authentication in the first place.