Advanced School Management System, a school management system by Angel Jude Reyes Suarez, a personal developer, has a SQL injection vulnerability in version v1.0, which originates in /school/model/ get_events.php?event_id=The page lacks validation for external input SQL statements, which could be exploited to execute illegal SQL commands to steal sensitive database data.