Session Fixation Vulnerability in QR Menu by Akın Software
CVE-2025-7015

5.7MEDIUM

Key Information:

Vendor: Akın Software Computer Import Export Industry And Trade Ltd.
Status: Qr Menu
Vendor: CVE Published:; 29 January 2026

🔔 Create Akın Software Computer Import Export Industry And Trade Ltd. Vulnerability Alert

What is CVE-2025-7015?

A session fixation vulnerability exists in QR Menu, developed by Akın Software Computer Import Export Industry and Trade Ltd. This vulnerability allows attackers to hijack user sessions, posing significant risks to user security and data integrity. The issue affects versions of QR Menu prior to s1.05.12, urging users to upgrade to mitigate potential exploits.

Affected Version(s)

QR Menu 0

References

https://www.usom.gov.tr/bildirim/tr-26-0006

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 29, 2026
Vulnerability Reserved
Jul 2, 2025

Credit

Şahnur Eren ALOĞLU

CVE-2025-7015 Data

JSON