CVE-2026-42730

Name of the Vulnerable Software and Affected Versions Stylemix MasterStudy LMS masterstudy-lms-learning-management-system versions prior to 3.7.30

Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. This occurs when the application fails to properly sanitize user-supplied data before incorporating it into a database query, enabling an attacker to infer information from the database by observing the application's response to specific queries.

Recommendations Update to a version newer than 3.7.29.