How to Use the Exploits Found in Vega Scan

Hi all null byters!!:)

i scanned a website using nikto first and just got the information about the server etc,but didnt find any vulnerability.Then on the suggestion of one of the co-null byte friend,i scanned the website using vega.Vega showed me 5 high vulnerabilities of which 2 were that of-clear password over HTTP,and the other 3 being Sql injections,now just leaving Clear password over HTTP aside how can we exploit the SQL injections.I mean we need a proper SQL vunerable URL to use it through SQLMAP in kali,vega didn't show any specific URL or directory,now how can i get the required SQL vunerable URL or atleast how to exploit it in other ways and any information about-Clear passwords though HTTP is also welcome..

sry for the long post,

Thank you...