During the scan Kayran found that phpmyadmin might be exposed.
Which means, Anyone can access the Admin Login Panel, and anyone “bypassing” it can access and change the database.
An attacker, even without going through the Authentication process, could execute all sorts of arbitrary codes with the privileges and the capabilities of the Administrator.
Define and restrict which IP addresses will be allowed to access the “PhpMyAdmin” page.
Exclude the desired IP’s, so that only a few specific IP’s can access it, make sure only people you trust will get permission.