perldoc perlsec— Perl security information page. This page provides extensive information on Taint mode.
CGI::Thin— Handles the decoding of the information that comes into a CGI program (a small, version of CGI).
CGI::Thin::Cookies— Handles the sending and receiving of cookies (part of the CGI::Thin module).
CGI::Carp— Intercepts die and other bad things that can happen to a CGI program and displays an error for the user.
CGI— Does everything a CGI program might want and many things you don’t want. The much smaller and simpler CGI::Thin module is recommended for almost all applications.
CGI::Enurl— Encodes a URL in the same way as the browser does when it sends a form to the user.
Taint— Provides the tainted function, which tests to see whether a variable is tainted.
http://www.securityfocus.org— Good general system security site.