Cross Site Scripting (XSS) vulnerability in YzmCMS 7.0 allows malicious users to run arbitrary code via Ads Management, Carousel Management, and System Settings.