Hey! I am searching for my first bug and have a question. If I try to inject SQL query i get “Access Denied” error:
But if i double encode this query it loads the page, but gives me non-empty result (my query “AND 2=1” should always be false)
My question is - does this mean that there is an SQL injection and double encoding bypasses filter?