A vulnerability was found in weng-xianhu EyouCMS up to 1.7.1 . It has been declared as critical . This issue affects some unknown processing of the file /index.php of the component API . Such manipulation of the argument click_like leads to sql injection. This vulnerability is documented as CVE-2026-13569 . The attack can be executed remotely. Additionally, an exploit exists. The project was informed of the problem early through an issue report but has not responded yet.