diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson10.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson10.java
index aeb62efa5..2fd3fdb3a 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson10.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson10.java
@@ -72,7 +72,6 @@ public class SqlInjectionLesson10 extends AssignmentEndpoint {
                 return true;
             }
         }
-
         return false;
     }
 
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson8.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson8.java
index b12c392af..f7144f893 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson8.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson8.java
@@ -78,7 +78,6 @@ public class SqlInjectionLesson8 extends AssignmentEndpoint {
             while (results.next()) {
                 t.append("<tr>");
                 for (int i = 1; i < (numColumns + 1); i++) {
-                    System.out.println(results.getString(i));
                     t.append("<td>" + results.getString(i) + "</td>");
                 }
                 t.append("</tr>");
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson9.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson9.java
index 97b8c0b22..dfee40190 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson9.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson9.java
@@ -35,10 +35,9 @@ public class SqlInjectionLesson9 extends AssignmentEndpoint {
                 SqlInjectionLesson8.log(connection, query);
                 ResultSet results = statement.executeQuery(query);
 
-                results.first();
-
-                ResultSetMetaData resultsMetaData = results.getMetaData();
-                output.append(SqlInjectionLesson8.generateTable(results, resultsMetaData));
+                if (results != null && results.first()) {
+                    output.append(SqlInjectionLesson8.generateTable(results, results.getMetaData()));
+                }
             } catch (SQLException e) {
                 System.err.println(e.getMessage());
                 return checkSalaryRanking(connection, output);
@@ -59,11 +58,10 @@ public class SqlInjectionLesson9 extends AssignmentEndpoint {
             ResultSet results = statement.executeQuery(query);
 
             results.first();
-
             // user completes lesson if John Smith is the first in the list
             if ((results.getString(2).equals("John")) && (results.getString(3).equals("Smith"))) {
                 output.append(SqlInjectionLesson8.generateTable(results, results.getMetaData()));
-                return trackProgress(success().feedback("sql-injection.9.success").feedbackArgs(output.toString()).build());
+                return trackProgress(success().feedback("sql-injection.8.success").feedbackArgs(output.toString()).build());
             } else {
                 return trackProgress(failed().output(output.toString()).build());
             }
diff --git a/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties b/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
index 83568052b..94703284e 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
@@ -38,6 +38,8 @@ sql-injection.6b.no.results=No results matched. Try Again.
 
 sql-injection.8.success=You have succeeded! You successfully compromised the confidentiality of data by viewing internal information that you should not have access to. Well done! {0}
 sql-injection.8.no.results=No employee found with matching lastname. Or maybe your authentication TAN is incorrect?
+sql-injection.9.success=Well done! Now you're earning the most money. And at the same time you successfully compromised the integrity of data by changing the salary! {0}
+sql-injection.10.success=Success! You successfully deleted the access_log table and that way compromised the availability of the data.
 
 SqlStringInjectionHint8-1=The application is taking your input and inserting the values into the variables 'name' and 'auth_tan' of the pre-formed SQL command.
 SqlStringInjectionHint8-2=Compound SQL statements can be made by expanding the WHERE clause of the statement with keywords like AND and OR.
@@ -45,16 +47,12 @@ SqlStringInjectionHint8-3=Try appending a SQL statement that always resolves to
 SqlStringInjectionHint8-4=Make sure all quotes (" ' ") are opened and closed properly so the resulting SQL query is syntactically correct.
 SqlStringInjectionHint8-5=Try extending the WHERE clause of the statement by adding something like: ' OR '1' = '1.
 
-sql-injection.9.success=Well done! Now you're earning the most money. And at the same time you successfully compromised the integrity of data by changing the salary. {0}
-
 SqlStringInjectionHint9-1=Try to find a way, to chain another query to the end of the existing one.
 SqlStringInjectionHint9-2=Use the ; metacharacter to do so.
 SqlStringInjectionHint9-3=Make use of DML to change your salary.
 SqlStringInjectionHint9-4=Make sure that the resulting query is syntactically correct.
 SqlStringInjectionHint9-5=How about something like '; UPDATE employees....
 
-sql-injection.10.success=Success! You successfully deleted the access_log table and that way compromised the availability of the data.
-
 SqlStringInjectionHint10-1=Use the techniques that you have learned before.
 SqlStringInjectionHint10-2=The application takes your input and filters for entries that are LIKE it.
 SqlStringInjectionHint10-3=Try query chaining to reach the goal.
diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc
index 633bc8215..d98f526cb 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc
@@ -4,5 +4,5 @@ After successfully compromising confidentiality and integrity in the previous le
 === It's your turn!
 Now you're the top earner in your company.
 But do you see that?
-There seems to be a table, where all your actions have been logged to! +
+There seems to be a access_log table, where all your actions have been logged to! +
 Better go and delete it quickly before anyone notices.