ESPN's is the second most popular fantasy football site, with more than 6 million users. So it's a huge problem that a gaping flaw exists, allowing you to change the rosters of any team in just minutes. Here's how to do it.

UPDATE: has apparently fixed the problem. Bummer.

This is my team. Not great, I'll admit. But I'm especially weak at quarterback. Unfortunately, all the decent QBs are taken, and I don't want to give anything up in a trade for them. But thanks to the flaw in ESPN's system, I can force another team to drop their player, and pick him up myself.

The first thing you want to do is familiarize yourself with the URL that accompanies each transaction. To find the one you want, begin the process of dropping one of your players. Kevin Kolb, you're out.


You'll see this screen. Note: you don't actually have to go through with dropping the player.

The URL on the confirm page is the key. There's a string of characters that tells ESPN everything about the transaction. The important ones, for our purposes, are the team ID number (in red) and the player ID number (in green). In this example, my team ID is 15 and Kevin Kolb's ID is 10480. Note: if you really want to screw around, you can change the league ID number and wreak havoc in the leagues of strangers. Drop everyone from every team!


But you'll need to find the team and player codes for your target. I decided to go after Tony Romo, the best quarterback not on the "undroppable" list. To find out the codes, simply look him up in your league's "players section." Copy the link that would allow you to propose a trade.


When you paste that link, here's what you'll see. The ID number of the team that currently owns Romo is 14, and Romo's ID number is 5209.

What you need to do is take those numbers, and replace them in the original URL from when you were dropping your own player. Everywhere there's a "15" (my team ID number), I changed it to "14" (Romo's owner's team ID). And everywhere Kevin Kolb's ID number shows up, I replaced that with "5209." You may have to do this in multiple places in the URL, depending on your settings.


Hit enter. Here's what you'll see. If you did it right, it may still say "undisclosed player." That's okay. Click confirm.


And you're done! Romo has been dropped by his team. Go snap him up.

A couple of notes on the outcome. If your league puts dropped players on the waiver wire, there's no way around that—you'll have to wait until he clears. I happen to be second on the waiver wire, so I repeated the process with Arian Foster from another team. This way I'm guaranteed to land at least one of them. And to increase my chances, I forced the system to put in a waiver claim for the team ahead of me on the wire. (It's essentially the same process; experiment by starting your own waiver claim to obtain the URL with which to replace your opponent's ID numbers.)


You'll also notice I filled the empty roster spot on Tony Romo's former team with Jim Sorgi, career benchwarmer who's out for the year with an injury. Didn't want to leave him without a QB.

ESPN has been informed of the flaw, but has yet to address it. If the world learns about this before they fix it (especially in leagues for money), all hell is about to break loose.