Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /get_timetable.php?id=The page lacks validation for external SQL statements, which could be exploited to execute illegal SQL commands to steal sensitive database data.