Thanks for the information,
I use accept to only allow pdf, doc, xls files to upload.
Can I upload to any physic diretory what I specify using ColdFusion for C:\MyTempDiretory?
If so, user still be able to upload malicious code to tempdirectory as well.
I think that the solution is to limit the file types to upload and prohibit folder files to excute.
Thanks again for helping,
Regards,
Iccsi,