[H1-2006 2020] Solution for the h1-2006 CTF challenge

Hi, The flag is `^FLAG^736c635d8842751b8aafa556154eb9f3$FLAG$`. I didn't know I can send it prior to the report until I saw some disclosed solutions from the previous challenges. The report will follow later today. Regards @thehackerish ## Impact Multiple vulnerabilities on `*.bountypay.h1ctf.com` allow an unauthenticated remote attacker to access the BountyPay customer application as `Marten Mickos` and pay May's bounties.