Pyro CMS version 3.9 suffers from a server-side template injection vulnerability.
b4222e8a44749f81693f1c9d7b2c399f369bc23d6b78bbd59924ce9c0a518081
Uvdesk version 1.1.3 suffers from a remote shell upload vulnerability.
785a58fce3185616f8ebb56cc4c3498d9ba2782170d34b1c487a14564309a3e1