It has been discovered that the extension "Zend Framework Integration" (zend_framework) is susceptible to File Disclosure.

More... (http://www.typo3.org/news/article/file-disclosure-in-extension-zend-framework-integration-zend-framework/)