A nice place to look for web application security is the Open Web Application Security Project which as well as having a nice guide as to what the major flaws in many such systems are also have a program (In Java) called WebGoat which pretty much takes you through common exploits as you try them on a test server. In my opinion this helps you understand the issues on an intuitive level and to avoid allowing such holes into your own code.

Another useful resource with some Perl-specific hints is the W3 Security FAQ, which when used in conjunction with the above and a good knowledge of generally reliable coding strategies should stand you in good stead.