source: https://www.securityfocus.com/bid/9910/info It has been reported that vCard is prone to a remote authentication bypass vulnerability. This issue is due to a design error that would allow a malicious user access to certain admin functionality without having to first authenticate to the application. This issue may be leveraged to manipulate the application database, potentially destroying data. http://www.example.com/vcard/admin/uninstall.php http://www.example.com/vcard/admin/uninstall.php?step=2