Vulnerability title: Multiple Authenticated SQL Injections in EllisLab ExpressionEngine Core CVE: CVE-2014-5387 Vendor: EllisLab Product: ExpressionEngine Core Affected version: Versions earlier than 2.9.0 Fixed version: 2.9.1 Reported by: Jerzy Kramarz and Alex Murillo Moya Details: SQL injection has been found and confirmed within the software as an authenticated...