##
$r = $cgi->param('r'); # If he provides <<".system("rm -rf /").">>,
$r = "You said $r"; # the user deletes the server's hard drive.
####
$r = $cgi->param('r'); # If he provides <<$r>>,
$r = "You said $r"; # the user causes an infinite loop.
# He could bring down the server in a sec.