Cross Site Scripting (XSS) vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
eyoucms eyoucms 1.6.5