Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
eyoucms eyoucms 1.6.5