Maybe I'm overly cautious, but in today's world, where even simple URL manipulation can be regarded as hacking, I would be very reluctant to post exploits like this. It's crazy, but this can be construed as wire fraud or computer crime:
18 U.S.C. § 1030(a)(4)
Whoever—
(4) knowingly and with intent to defraud, accesses a protected computer
without authorization, or exceeds authorized access, and by means
of such conduct furthers the intended fraud and obtains anything of
value, unless the object of the fraud and the thing obtained consists only
of the use of the computer and the value of such use is not more than
$5,000 in any 1-year period . . .
shall be punished as provided in subsection (c) of this section.
"Protected computer" in this context means any computer that is connected to the Internet. And the value obtained would be unlimited use of the game, which would normally be a limited. True, that last part is up for debate, as it is possible to play the game without paying, but I wouldn't want to be forced to argue this in court...
Many countries have pretty aggressive anti-hacking laws. The UK, for instance, has a very similar piece of legislation that in theory makes URL manipulation illegal.
18 U.S.C. § 1030(a)(4)
Whoever— (4) knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period . . . shall be punished as provided in subsection (c) of this section.
"Protected computer" in this context means any computer that is connected to the Internet. And the value obtained would be unlimited use of the game, which would normally be a limited. True, that last part is up for debate, as it is possible to play the game without paying, but I wouldn't want to be forced to argue this in court...