Computer Laboratory Management System version 1.0 suffers from an insecure direct object reference vulnerability.