Cross Site Scripting (XSS) vulnerability exists in Eyoucms v1.4.7 and previous versions via the addonfieldext parameter.
eyoucms eyoucms