- Bug
- Resolution: Fixed
- 3.0.0
- None
PHP Environment: 5.1.6
Database: MySQL 5.0.27
Here's what I did:
1. Go to memberlist.php
2. Click 'Find a member'
3. Select any group from the Groups dropdown and hit submit. The first time you hit Search, the form is posted and the location in the address bar doesn't change. Hit Search again. The search parameters are sent via a GET request.
4. Modify the location in the address bar, specifically the number after search_group_id= to view the members of any group, even hidden groups that you are not a part of.
Sure, it doesn't show the group name, but that doesn't mean anything. Several inferences can be made based on who are members of what group. For example, we are playing the werewolf game on my forum and using this hack, people can figure out who the wolves and vampires are.
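
The behaviour reported above comes down to a missing server-side authorization check on `search_group_id` before it is used as a search filter. The following is an added example of such a check, not phpBB's code and not part of the original report; the function names, group-type constants, admin override and sample data are assumptions made for the illustration:

```php
<?php
// Added example: hypothetical names and constructed data, not phpBB's own code.
const GROUP_VISIBLE = 0; // constructed group-type values for this example
const GROUP_HIDDEN  = 1;

// Constructed sample data: group id => type, and group id => member user ids.
$groups  = [5 => GROUP_VISIBLE, 9 => GROUP_HIDDEN];
$members = [5 => [101, 102], 9 => [102, 103]];

/**
 * Decide whether $viewerId may list the members of $groupId.
 * Assumed policy: hidden groups are listable only by their members or by admins.
 */
function can_list_group(array $groups, array $members, $groupId, $viewerId, $isAdmin)
{
    if (!isset($groups[$groupId])) {
        return false; // unknown id: treated exactly like a forbidden one
    }
    if ($groups[$groupId] !== GROUP_HIDDEN || $isAdmin) {
        return true;
    }
    return in_array($viewerId, $members[$groupId], true);
}

/**
 * Member search filtered by group. The id comes from the request
 * (search_group_id), so it is validated and authorized before use,
 * on every request method, not only on the initial form POST.
 */
function search_by_group(array $groups, array $members, $rawGroupId, $viewerId, $isAdmin = false)
{
    $groupId = filter_var($rawGroupId, FILTER_VALIDATE_INT);
    if ($groupId === false || !can_list_group($groups, $members, $groupId, $viewerId, $isAdmin)) {
        // Same empty result for invalid, unknown and hidden groups, so the
        // response does not reveal which group ids exist.
        return [];
    }
    return $members[$groupId];
}

// Viewer 101 belongs to group 5 only; ids arrive as query-string strings.
var_dump(search_by_group($groups, $members, '5', 101));  // visible group
var_dump(search_by_group($groups, $members, '9', 101));  // hidden group, viewer not a member
var_dump(search_by_group($groups, $members, '9', 103));  // hidden group, viewer is a member
var_dump(search_by_group($groups, $members, '9x', 101)); // value is not an integer
```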