EyouCMS <= 1.6.0 exists a reflected-XSS in the FileManager component in GET parameter "filename" when editing any file.
eyoucms eyoucms