$filename = $query->param("Resume_File");
$filename =~ s/.*[\/\\](.*)/$1/;
open UPLOADFILE, ">$upload_dir/$filename";

##</code><code>##

Resume_File=/../myscript.pl
Resume_File=/./.htaccess