Pretty classic SQL injection leading to PHP remote command execution. Privilege escalation through SUID systemctl was fun.
https://hackso.me/jarvis-htb-walkthrough/