SQL injection

Obtain the flag from the current table in the SQLite DBMS.

ID  Name              Age  Weight  Secret
1   Sophia Singleton  71   37      K79238126
2   Kari Nelson       100  52      F00749878
3   Angela Rodriguez  52   35      L56966615

Solution

1. Enter ', send the request and observe the error.

2. Enter ' or 1=1 -- and obtain the flag.

Explanation: in the query SELECT * FROM capybaras WHERE name ='1' or 1=1 -- ':

  • the injected quote ' closes the name value
  • or adds a new condition to the existing name = '' check
  • 1=1 is always True
  • -- is the comment symbol in SQLite syntax. Everything after the comment symbol is ignored by the SQL parser

So we have created a query that returns every row of the table capybaras, because the WHERE condition evaluates to True for every row of the table.
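
The same behaviour reproduced locally, next to the fix. This is an added example, not the challenge's own code: the schema, the in-memory database and the function names are assumptions, and the rows are the sample rows from the table above. It shows why the single quote produces an error, why the second input matches every row, and how a bound parameter makes both inputs harmless.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the challenge database (schema is an assumption)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE capybaras (id INTEGER PRIMARY KEY, name TEXT, "
        "age INTEGER, weight INTEGER, secret TEXT)"
    )
    conn.executemany(
        "INSERT INTO capybaras VALUES (?, ?, ?, ?, ?)",
        [  # sample rows copied from the table on this page
            (1, "Sophia Singleton", 71, 37, "K79238126"),
            (2, "Kari Nelson", 100, 52, "F00749878"),
            (3, "Angela Rodriguez", 52, 35, "L56966615"),
        ],
    )
    return conn

def search_vulnerable(conn, name):
    # The input is pasted into the SQL text, so a quote inside `name`
    # changes the structure of the statement itself.
    query = "SELECT * FROM capybaras WHERE name ='" + name + "'"
    return conn.execute(query).fetchall()

def search_safe(conn, name):
    # The input is bound as a value; the SQL text is constant, so quotes
    # and comment markers are only ever compared against the name column.
    query = "SELECT * FROM capybaras WHERE name = ?"
    return conn.execute(query, (name,)).fetchall()

def probe(search, conn, name):
    """Return the number of rows, or 'error' if SQLite rejects the statement."""
    try:
        return len(search(conn, name))
    except sqlite3.OperationalError:
        return "error"

if __name__ == "__main__":
    conn = make_db()
    print("input | vulnerable | parameterized")
    for value in ["Kari Nelson", "'", "' or 1=1 --"]:
        print(repr(value), "|", probe(search_vulnerable, conn, value),
              "|", probe(search_safe, conn, value))
```

With the parameterized query, the inputs from steps 1 and 2 return no rows and raise no error, which also removes the error message that revealed the injection point.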