In order to correctly scan for vulnerabilities, especially remote scans, we often need to exhibit similar behaviour as the exploit in order to safely determine if an asset is vulnerable.
We also recommend disabling AV/malware detectors to prevent problems. In the case of the particular script getting quarantined, this will prevent us scanning for a particular vulnerability, which could in turn, result in a false negative
We recently had a similar alert pop and I appreciate the answers and what not, it really helps to have this as a resource, so thank you
but, in an attempt to satisfy my own curiosity, what is this .tmp file for and where does it come from?