CVE-2019-11043 is a critical vulnerability in Nginx and PHP-FPM configurations that allows remote code execution (RCE) by exploiting how data is processed from URLs, potentially compromising servers running affected PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11. This vulnerability arises due to the way Nginx forwards data to PHP-FPM, where an encoded newline character in the URL path can manipulate the PATH_INFO variable, leading to arbitrary code execution on the server. The vulnerability is particularly concerning as it can allow attackers to gain control over the server, access internal services, or steal stored data. Remediation involves updating the PHP installation and hardening Nginx configurations to prevent such exploits. Detectify, a security platform, has incorporated tests for this vulnerability, allowing users to scan their web applications for this and other potential security issues, offering a 14-day free trial to assess the security status of their applications.