mini-sql v 2.0.10.1

 Exploit:

   http://www.victim.org/cgi-bin/w3-msql/protected-dir/private-file

     note: in  this case,  the intruder will have  to already
     know the structure of the directory.  The second way:

   http://www.victim.org/cgi-bin/w3-msql/protected-dir/.htpasswd

     And then you use John The Ripper to decrypt the DES3 encrypted
     passwords.