Ousl · Brinarybrains School Student Management System · CVE-2026-10168
**Name of the Vulnerable Software and Affected Versions**
OUSL-GROUP-BrinaryBrains School Student Management System versions prior to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6
**Description**
Improper control of resource identifiers in the `marks()` function within the 'application/controllers/Parents.php' file allows for remote attacks. This issue is triggered by the manipulation of the `param1` argument.
**Recommendations**
Update to a version later than 1e70e5ad1125b86dca4ee086eb6bb121f17708b6.
As a temporary workaround, restrict access to the `marks()` function in the 'application/controllers/Parents.php' file.