Web applications usually store information in a SQL server in order to, for example, show them to other users. When the application developer uses unvalidated user controlled variables as part of a SQL query; a SQL injection or Blind SQL injection vulnerability is being introduced into the application.
When an attacker executes SQL Injection attacks, sometimes the server responds with error messages from the database server complaining that the SQL Query's syntax is incorrect. Blind SQL injection is identical to normal SQL Injections except that when an attacker attempts to exploit an application, rather then getting a potentially useful error message, they get a generic page specified by the developer instead. This makes exploiting a potential Blind SQL Injection attack more difficult but not impossible. An attacker can still retrieve valuable information and potentially execute operating system commands by asking a series of True and False questions through SQL statements.