System	Score	Found at
epss	0.07985	https://api.first.org/data/v1/epss?cve=CVE-2009-4112
epss	0.07985	https://api.first.org/data/v1/epss?cve=CVE-2009-4112
epss	0.07985	https://api.first.org/data/v1/epss?cve=CVE-2009-4112
epss	0.07985	https://api.first.org/data/v1/epss?cve=CVE-2009-4112
epss	0.07985	https://api.first.org/data/v1/epss?cve=CVE-2009-4112
epss	0.07985	https://api.first.org/data/v1/epss?cve=CVE-2009-4112
epss	0.07985	https://api.first.org/data/v1/epss?cve=CVE-2009-4112
epss	0.07985	https://api.first.org/data/v1/epss?cve=CVE-2009-4112

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4112.json
		https://api.first.org/data/v1/epss?cve=CVE-2009-4112
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4112
542985		https://bugzilla.redhat.com/show_bug.cgi?id=542985
561339		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561339
CVE-2009-4112;OSVDB-60653	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/33377.txt
CVE-2009-4112;OSVDB-60653	Exploit	https://www.securityfocus.com/bid/37145/info

Data source	Exploit-DB
Date added	Nov. 16, 2009
Description	Joomla! Component ProofReader 1.0 RC9 - Cross-Site Scripting
Ransomware campaign use	Known
Source publication date	Nov. 16, 2009
Exploit type	webapps
Platform	php
Source update date	May 16, 2014
Source URL	https://www.securityfocus.com/bid/37145/info

There are no known vectors.

Percentile	0.9205
EPSS Score	0.07985
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T14:57:28.725018+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4112.json	38.0.0