a website is vulnerable, if:

NGINX is configured to forward PHP pages requests to PHP-FPM processor,
fastcgi_split_path_info directive is present in the configuration and includes a regular expression beginning with a '^' symbol and ending with a '$' symbol,
PATH_INFO variable is defined with fastcgi_param directive,
There are no checks like try_files $uri =404 or if (-f $uri) to determine whether a file exists or not.