you get the same results even though no such .bak file exists anywhere on that machine.
As a matter of fact, you can do navigate here:
And you still get results. How can we prohibit this type of behavior? .bak files show up as vulnerabilities in Security Scans on web applications and its preventing a successful test run .