CVE-2025-7015
5.7 MEDIUMSession Fixation vulnerability in Akın Software Computer Import Export Industry and Trade Ltd
Published: 2026-01-29 · Last updated: 2026-06-05
Severity and scoring
- CVSS
- 5.7 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
- CWE
- CWE-384
Affected products
| Vendor | Product |
|---|---|
| akinsoft | qr_menu |
Description
Session Fixation vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Session Fixation. This issue affects QR Menu: before s1.05.12.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2025-7016 — Improper Access Control vulnerability in Akın Software Computer Import Export Industry and Trade Ltd (8.0 HIGH)
- CVE-2023-1251 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Akinsoft Wolvox (9.8 CRITICAL)
Same CWE
- CVE-2009-10007 — Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks (9.1 CRITICAL)
- CVE-2026-41839 — A WebFlux application with a compromised subdomain (for example, compromised via cross-site scripting (XSS)) is vulnerable to an escalati... (4.2 MEDIUM)
- CVE-2026-11335 — A flaw has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500e... (6.3 MEDIUM)
- CVE-2025-67446 — Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before (9.8 CRITICAL)
- CVE-2026-33384 — QuickCMS allows a user's session identifier to be set before authentication