Nginx+Php-fpm Dangerous Bug

escavern nginx-forum at
Sat Dec 3 09:05:29 UTC 2011

Also your script is broken since you grab the value from the URI
without doing any filtering. So you're setting yourself up for being
exploited. Even with a safe configuration.

Until now im unable to find which script caused hacker can access
phpshell formed in Image
that's just a script i found in google and its not supposed to be
running and unable to executed on Apache
see this: <---------------- using
Apace and phpshell unable to executed
why does it wont executed on Apache but executed on Nginx? this is very
freaking me out

i wish someone can help me to stop it executed like apache does.

Posted at Nginx Forum:,219532,219536#msg-219536

More information about the nginx mailing list