In both cases it means that the application does not filter the data received from the clients, and so an attacher can enter additional statements to the query, for example, you receive a GET request on this link:
This is my local host which is vulnerability for Blind SQL Injection http://localhost/xxxx/index.php
The acunetix web vulnerability scanner gives this result
This vulnerability affects /xxxx/index.php/%E2%80%8Cmajor/3206-0.html.
Discovered by: Scripting (Blind_Sql_Injection.script).
URL encoded POST input ARTICLE_id was set to -1' or 11 = '9
How can I use blind SQL Injection attack to see error according this Attack details ?
Is it something like this http://localhost/xxxx/index.php/ARTICLE_id=-1’
Is it right? when I do it? I got this meeage
Page Not Found
The requested URL was not found on this server.
If you believe this page should be here, please notify administrator.