NGINX is configured to forward PHP pages requests to PHP-FPM processor,
fastcgi_split_path_info directive is present in the configuration and includes a regular expression beginning with a '^' symbol and ending with a '$' symbol,
PATH_INFO variable is defined with fastcgi_param directive,
There are no checks like try_files $uri =404 or if (-f $uri) to determine whether a file exists or not.
ah, le premier qui soit si clair, je cite :
This is not a vulnerability in openssh, so it doesn't affect the ssh that we all use every day. libssh2 is a client-side C library, which enables applications to connect to an SSH server. This also isn't a vulnerability in libssh, which is an unrelated C library which provides similar functionality to libssh2.