Submission: 721493 Title: Seeyou Collaborative Platform V1.0 SQL Injection Description: A SQL injection vulnerability was found in the "/carManager/carUseDetailList.j%73p" file. Attackers can inject malicious code from the "CAR_BRAND_NO" parameter after logging in with valid credentials. The application fails to properly sanitize or validate this input, leading to unauthorized SQL query manipulations. Source: GitHub issue User: yuxiu (UID 93752) Submission Date: 12/22/2025 03:30 PM Moderation Date: 01/01/2026 12:19 PM Status: Accepted VulDB Entry: 339349 - Seeyon Zhiyuan OA Web Application System up to 20251222 carUseDetailList.j%73p CAR_BRAND_NO sql injection Points: 20