I was able to find the first vulnerabilty and exploit it to get access to another dashboard. But now im stuck on the second part where I have to input a code to proceed. I assume its a Host Header Injection, which I tried several attacks. But im stuck. Anyone willing to give me a nudge?