Brazil Navy and Pakistan Army websites hacked by SQL Injection. These security breaches are going to be next examples for the Government careless about the cyber security. The hacker @WilyXem found two more Army websites are vulnerable to SQL Injection.
Brazilian Navy and Pakistan Army websites are found to be affected by the SQL Injection vulnerability. The hacker tweeted few links that contains the proof-of-concepts(http://sprunge.us/ZUHM, sprunge.us/ZdKY, sprunge.us/CJGO)
The vulnerability exists in the Board of Historic & Documentation Navy(biblioteca.dphdm.mar.mil.br), Department of Distance Education(ead.densm.mar.mil.br) and Pakistan Army(www.pakistanarmy.gov.pk).
The POCs exposes the target database details including database name, database version and table details.
The same hacker yesterday hacked into the Royal Thai Navy website and leaked the login information from the database.