Adbucter

**Name of the Vulnerable Software and Affected Versions** Hesk version 0.92 **Description** The issue concerns a problem with username and password verification in the software. Remote attackers can bypass authentication by making a direct request to the "admin main.php" API endpoint. **Recommendations** For Hesk version 0.92, consider disabling access to the "admin main.php" endpoint until a proper fix is available to prevent unauthorized access.