Since you've already received wisdom from Your Mother and Athanasius on the problem at hand, here are 2 quick tips to stop your server getting compromised.
- Never do `my $databaseUser="root";` in a CGI script or really any script run by an unprivileged user. Set up a dedicated db user for the task at hand and use that in your script instead - it only takes 10 seconds to do but could save you weeks of clean-up in the event of an attack. Set up a second dedicated user with read-only privs too, for scripts that require it, such as your second one above.
- Always use taint mode with CGI. This is especially important when interacting with other back-end systems such as a database, but is good practice anyway to prevent injection attacks against the shell, net protocols, databases, etc.
These things may seem like a hassle now, but if you don't use them and your system becomes compromised, you will surely wish you had. Good luck.
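
Both tips combined in one read-only CGI script, as an added example that is not part of the original post or the thread's code. The database `shop`, table `items`, account `web_ro`, and the `WEB_RO_PASS` environment variable are assumptions made for illustration; the script uses the CGI, DBI and DBD::mysql modules.

```perl
#!/usr/bin/perl -T
# -T turns on taint mode: request data cannot reach the shell, file
# names or (with TaintIn below) the database until it is validated.
#
# One-time setup by an administrator (MySQL syntax; assumed names):
#   CREATE USER 'web_ro'@'localhost' IDENTIFIED BY '<password>';
#   GRANT SELECT ON shop.items TO 'web_ro'@'localhost';
use strict;
use warnings;
use CGI ();
use DBI ();

my $q = CGI->new;

# Every request parameter is tainted. Untaint by capturing exactly the
# shape expected (1 to 9 digits), not by stripping "bad" characters.
my ($id) = ( $q->param('id') // '' ) =~ /\A([0-9]{1,9})\z/;
unless ( defined $id ) {
    print $q->header( -status => '400 Bad Request', -type => 'text/plain' );
    print "invalid id\n";
    exit;
}

# Connect as the dedicated read-only account, never as root.
my $dbh = DBI->connect(
    'dbi:mysql:database=shop;host=localhost',
    'web_ro',
    $ENV{WEB_RO_PASS},    # assumed: password supplied by the server config
    { RaiseError => 1, PrintError => 0 },
);

# From here on DBI dies if a tainted value is passed to a query method,
# so a parameter that skipped validation cannot reach the database.
$dbh->{TaintIn} = 1;

# Placeholder binding keeps the value out of the SQL text entirely.
my $row = $dbh->selectrow_hashref(
    'SELECT name, price FROM items WHERE id = ?', undef, $id );

print $q->header( -type => 'text/plain', -charset => 'utf-8' );
print $row ? "$row->{name}: $row->{price}\n" : "not found\n";
$dbh->disconnect;
```

A script that has to write would connect as a second account granted only the INSERT or UPDATE rights it needs on its own tables.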