EllisLab ExpressionEngine Core versions before 2.9.0 suffer from multiple authenticated remote SQL injection vulnerabilities.