CVE-2004-1828 Information

Description

Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php.

Reference

http://marc.info/?l=bugtraq&m=107957312531199&w=2 http://www.securityfocus.com/bid/9910 https://exchange.xforce.ibmcloud.com/vulnerabilities/15522