 | ${IFS} command injection | | |
| 0-click exploit | | |
| 0-click exploitation | | |
| 0-click Exploitation via JBIG2 Logic Circuit | | |
| 0-click / no-click link preview data exfiltration | | |
| 0-Click RCE via Calendar Event and Local Extension Execution | | |
| 0-click server-side exploitation using owner credentials (server-side request causing actions as owner) | | |
| 0-click spyware targeting via messaging platform | | |
| 0-click SQL execution (owner credentials) | | |
| 0-day attacks | | |
| 0-day exploitation to deploy spyware | | |
| 0-day vulnerability sale | | |
| 1-click exploitation via viewer credentials (malicious report shared or embedded) | | |
| 1-click exploit kit | | |
| 1-Click RCE Kill Chain | | |
| 1-click RCE via local WebSocket command-line injection | | |
| 1-Click RCE via Unvalidated WebSocket Parameter | | |
| 1-Click Remote Code Execution via token theft and node.invoke | | |
| 1-Click Remote Code Execution via malicious profile image | | |
| 1-click SQL execution (viewer credentials) | | |
| 1-day vulnerability | | |
| 1Password vault hijack and credential theft | | |
| 1-trace horizontal attack | | |
| 1x1 GIF pixel onload trick (inline script execution) | | |
| 2FA abuse and online impersonation | | |
| 2FA bypass | | |
| 2FA Bypass | | |
| 2FA bypass by capturing Facebook QR codes and mouse clicks | | |
| 2FA bypass by exfiltrating secret and creating app passwords | | |
| 2FA bypass by exporting Google Authenticator codes | | |
| 2FA bypass exploitation (CVE-2020-12812) | | |
| 2FA bypass techniques | | |
| 2FA bypass via CAPTCHA/QR capture | | |
| 2FA bypass via forged device responses | | |
| 2FA Bypass via Forged Device Responses | | |
| 2FA bypass via hardcoded trust assumption | | |
| 2FA Bypass via LDAP Case-Sensitivity Mismatch | | |
| 2FA bypass via phone number control | | |
| 2FA bypass via session token theft | | |
| 2FA bypass via username case change | | |
| 2FA Bypass via Username Case Manipulation | | |
| 2FA bypass via zero-day exploit | | |
| 2FA code capture via phishing kit | | |
| 2FA code exposure/interception | | |
| 2FA code scraping from Google Authenticator | | |
| 2FA code theft from devices | | |
| 2FA/enforced_tfa enumeration (information disclosure) | | |
| 2FA Interception | | |
| 2FA interception and GUI hijack on phishing page | | |
| 2FA interception and session cookie theft | | |
