cpe:/a:1scripts:z1exchange:1.0 CVE-2008-6284 2009-02-25T18:30:00.813-05:00 2017-09-28T21:33:04.293-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-02-26T09:37:00.000-05:00 ALLOWS_OTHER_ACCESS BID 32556 EXPLOIT-DB 7311 XF z1exchange-edit-sql-injection(46938) SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows remote attackers to execute arbitrary SQL commands via the site parameter.