Brazilian Navy and Pakistan Army websites are found to be affected by the SQL Injection vulnerability. The hacker tweeted few links that contains the proof-of-concepts(http://sprunge.us/ZUHM, sprunge.us/ZdKY, sprunge.us/CJGO)
The vulnerability exists in the Board of Historic & Documentation Navy(biblioteca.dphdm.mar.mil.br), Department of Distance Education(ead.densm.mar.mil.br) and Pakistan Army(www.pakistanarmy.gov.pk).
The POCs exposes the target database details including database name, database version and table details.
The same hacker yesterday hacked into the Royal Thai Navy website and leaked the login information from the database.