CV (silver, 100p)

Investigate the CV page. Can you find the vulnerability? http://10.XX.32.135/
Find your way in and read flag from /home/flag.txt

solution

Opening webpage returns CV of C'thulhu with a contact form powered by PHPMailer.

screenshot of contact form

There is a very popular vulnerability for PHPMailer - CVE-2016-10033, which has multiple of write-ups, e.g, by Fortinet or Legal Hackers.

Therefore, flag was obtained by using random CVE-2016-10033 exploit from Exploit Database.