Angtas

**Name of the Vulnerable Software and Affected Versions** itsourcecode School Management System version 1.0 **Description** A flaw exists in itsourcecode School Management System that allows for remote code execution. The issue is related to the manipulation of the `ay` argument in the file '/ramonsys/report/index.php', leading to a SQL injection. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.