Is "error with request" better than "invalid details?"

Sandra Murphy

gphalen
7 years ago

I’ve been stuck on this level, but my most recent attempt was this: >> realname=Sandra Murphy' or 1=1 or ‘a’=‘a

Which doesn’t work, but gives me the error “Error with request” rather than “Invalid details.” Is this a sign that I’m getting closer, or just a different type of error?

YotM0DSeeker
7 years ago

With this error you now know the type of vulnerability. I recommend having a look at this page: https://www.owasp.org/index.php/Category:Attack. You should find out how to use this vulnerability.

gphalen
7 years ago

Hmm, not sure that I follow. There’s lots of types of attacks listed and I can’t see any obvious similarities with the ones I’m familiar with.

This is my most recent attempt: >> a'=‘a’ or 1=1 or realname=‘Sandra Murphy

I thought the issue might be the order I was listing things, and this amends that, but still doesn’t work.

YotM0DSeeker
7 years ago | edited 7 years ago

By looking at the hint you can guess that it is not a SQL injection; look at other injections that exist.

dimooz
7 years ago

Not sure the order the things are listed is the solution to your problem…

gphalen
7 years ago

@YotM0DSeeker Oh, I’m aware that it’s >> an XPATH injection. I thought you were hinting at something else.

@dimooz Not sure what to make of this, but I’ll keep plugging away.

YotM0DSeeker
7 years ago

Oh ok. So if you know what it is you’re on the good way. You just have to keep trying until you get it right :) And having “error with request” just means that you did an injection but it is not correct. When you have “Invalid details”, it means you wrote something that wasn’t interpreted as a request. So we can say that when you have “error with request” you’re getting closer to the solution.
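The difference between the two messages described in the post above, seen from the application side, as an added example that is not part of the original thread or the challenge's code. The XML data, the function names and the mapping of outcomes to the two messages are assumptions, and Python's ElementTree (a limited XPath subset) stands in for whatever engine the site uses.

```python
import hmac
import xml.etree.ElementTree as ET

# Constructed sample data; the challenge's real document is not shown in the thread.
USERS = ET.fromstring(
    "<users>"
    "<user><realname>Sandra Murphy</realname><password>s3cret</password></user>"
    "<user><realname>Joe Bloggs</realname><password>hunter2</password></user>"
    "</users>"
)


def _same(a, b):
    # Constant-time comparison so the check itself leaks no timing detail.
    return hmac.compare_digest(a.encode(), b.encode())


def login_concat(realname, password):
    """Weak pattern: user input is pasted into the query text."""
    query = f"./user[realname='{realname}']"
    try:
        matches = USERS.findall(query)
    except SyntaxError:
        # A quote in the input ended the string literal early, so the
        # input was parsed as query syntax and the parser rejected it.
        return "Error with request"
    for user in matches:
        if _same(user.findtext("password", ""), password):
            return "OK"
    # The query was well formed but selected no matching account.
    return "Invalid details"


def login_safe(realname, password):
    """Hardened pattern: fixed query, input is only ever compared as data."""
    for user in USERS.findall("./user"):
        if _same(user.findtext("realname", ""), realname) and _same(
            user.findtext("password", ""), password
        ):
            return "OK"
    return "Invalid details"
```

Returning one generic message for every failure, and logging parser errors server-side, removes the signal that tells a client its input reached the query parser.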

gphalen
7 years ago

Ahhhh, finally got it. Will close this now.

Discussion thread has been locked. You can no longer add new posts.