http://www.ocert.org/advisories/ocert-2011-003.html

Hash collsision based attack to key value store. If a webapp uses the given key as it is, i.e., it’s not including timestamp or some salt, it is vulerable this type of attack.

I like hacking as most of them spring from this kind of creativeness.