EIP-2026-106123

This exploit demonstrates an XPath injection vulnerability in Concrete5 CMS v9.1.3 by injecting a malicious payload into the URL path, resulting in an internal server error and potential information leakage.