Walow

**Name of the Vulnerable Software and Affected Versions** Stylemix MasterStudy LMS masterstudy-lms-learning-management-system versions prior to 3.7.30 **Description** Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. This occurs when the application fails to properly sanitize user-supplied data before incorporating it into a database query, enabling an attacker to infer information from the database by observing the application's response to specific queries. **Recommendations** Update to a version newer than 3.7.29.