Hack try via api/v3/users/login

Somebody found out - and I have no frigging idea how - the db id from my admin and logged in via api as such.

Luckily it ruined “only” my config and with restore of config everything should be fine.

Heck - anybody had a similar experience?

Edit: 4.6.0 on IIS