Knowledgebase: General

Why is my PCI Scan Returning a "PHP-CGI Argument Injection " error?


Your PCI scan may be reporting a "PHP-CGI Argument Injection" or similar error about your Shift4Shop website.

This is a False Positive and you'll need to get back to the company that performed the audit so they can flag it this way.

The system is not vulnerable to remote file inclusion via PHP-CGI argument injection as our software is not compatible with PHP. Also, we use Cloudflare to protect our sites. The Cloudflare Web Application Firewall (WAF) identifies and removes suspicious activity for HTTP GET and POST requests. 

Help Desk Software by Kayako fusion