SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows remote malicious users to execute arbitrary SQL commands via the site parameter.
1scripts z1exchange 1.0