SQL Injection with RFID-Cards

I thought it wouldn't work...but apparently, something happend. A few days ago, i checked a local RFID System...I wanted to know, how it is working and so on... The card looks something like this:

0000000: adb0 a0a3 1e88 0400 468f 3658 5570 3710  ........F.6XUp7.
0000010: 0000 0000 0000 0000 0000 0000 0000 0000  ................
0000020: 0000 0000 0000 0000 0000 0000 0000 0000  ................
0000030: c0c1 c2c3 c4c5 7f07 8800 bcbc bcbc bcbc  ................
0000040: 4445 0000 xxxx xx00 0000 0000 0000 0000  DE..xxx.........
0000050: xxxx xxxx xxxx xxxx xxxx xx00 0000 0000  xxxxxxxxxxx.....
0000060: 0000 0000 0000 0000 0000 0000 0000 0000  ................
0000070: 3636 3636 3636 7f07 8800 dede dede dede  666666..........
0000080: 0000 0000 0000 0000 0000 0000 0000 0000  ................
0000090: 0000 0000 0000 0000 0000 0000 0000 0000  ................
00000a0: 0000 0000 0000 0000 0000 0000 0000 0000  ................

the x'es represent numbers on the card. i blanked them out, coz they are mine ;) I thought, the uid, which is stored on the card, has to be looked up in a database. So i figured, let's try a sql injection:

0000040: 4445 0000 xxxx xx00 0000 0000 0000 0000  DE..xxx.........
0000050: 3030 2220 6f72 2031 3d31 2200 0000 0000  00" or 1="1.....

and what do you know....the application didn't say it can't read the card...it just went down...the application crashed with some kind of error, which was written in dutch. I don't know what happend, i think i may have overburdened the server with this request. But ... why?!? That's the worst security error i discovered in a looong time. And it gets even better...which is another bedtime story ;) so long