This advisory details a SQL injection vulnerability in SocialEngine 4.8.9, where the 'orderby' parameter in the '/index.php' script is insufficiently sanitized. The writeup includes a time-based SQL injection proof-of-concept to demonstrate the vulnerability.