You have an upload form that must be a post method with the enctype multipart/form-data. This is because when you post the data, the image is uploaded as an "attachment" to the input data, separated by a boundary.

<form method="post" action="yourscript.cfm" enctype="multipart/form-data">
<input type="file" name="photo" id="photo">
<input type="submit" name="submitButton" value="Upload">
</form>

The server side processor locates the multipart boundary, separates it from the rest of the posted data and stores it in a file. Sometimes this is a temporary location (PHP) that needs to be moved, sometimes you can determine the file name/location directly.

A side note, you have to be very cautious of the uploaded file here, insuring it's a valid file upload and not a virus/malware. In other languages, such as perl or PHP, you can use the ImageMagick interfaces to check that it's actually an image file. Checking against a filename extension is not sufficient. Of course, there must be other data cleansing procedures as well to avoid potential injection attacks.

You would then need scripting that connects to the mail server and sends the email with the file as an attachment. Again, in other languages there are modules and tools to make this a relatively easy process.

On success, your script would delete the uploaded file and return a response to the browser.