#!/usr/bin/perl -Tw

# Now uses Taint and strict
 use CGI;
 use strict;
 my $upload_dir = "/tmp/jobs";

 my  $query = new CGI;

 my $email_address = $query->param("email_address");
 my $filename = $query->param("photo");

 # Upload param check
 unless($filename =~ /^([^\/\\]+)$/) {
         print "File Not Writable! at upload param check";
         exit;
 }
 $filename =~ s/.*[\/\\](.*)/$1/;
 my $upload_filehandle = $query->upload("photo");

 open UPLOADFILE, ">$upload_dir/$filename";

 binmode ($upload_filehandle);
 binmode (UPLOADFILE);

 while ( <$upload_filehandle> )
 {
   print UPLOADFILE $_; # this was your problem $_
 }

 close UPLOADFILE;