in reply to Safe variables in CGI

Yes, you still need to check your input.
CGI does not filter your input - if someone puts something nasty in a parameter that you ask CGI to fetch for you, watch out if you aren't using taint mode and some good regexes for untainting those variables.

Update: Your question seems to suggest that you haven't used CGI in the past for CGI scripts.
Bad. Bad. Bad :-)
Have a look at use CGI or die;.
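The taint-mode-plus-regex approach mentioned above, as an added example that is not part of the original post. The parameter names `user` and `report`, the allowlist patterns and the sample query string are assumptions made up for illustration.

```perl
#!/usr/bin/perl -T
# Run as: perl -T untaint.pl   (taint mode has to be switched on at startup)
use strict;
use warnings;
use CGI;
use Scalar::Util qw(tainted);

# Constructed sample request; in a real CGI run the data comes from the web
# server and is tainted automatically under -T.
my $q = CGI->new('user=alice_01&report=../../etc/passwd');

# Zero-length tainted string ($^X is tainted under -T). Appending it marks a
# value as tainted, which lets this offline demo behave like a live request.
my $TAINT = substr($^X, 0, 0);

# Allowlist per parameter (hypothetical names). Anchored with \A and \z so a
# trailing newline cannot slip through; the capture group is what gets kept.
my %ALLOW = (
    user   => qr/\A([A-Za-z0-9_]{1,32})\z/,
    report => qr/\A([A-Za-z0-9_-]{1,64}\.txt)\z/,
);

# Return the untainted value if it matches its allowlist, otherwise undef.
sub untaint_param {
    my ($name) = @_;
    my $re  = $ALLOW{$name} or return;   # unknown parameter: refuse
    my $raw = $q->param($name);          # CGI.pm hands the value back unfiltered
    return unless defined $raw;
    $raw .= $TAINT;                      # simulate request-borne taint
    # Only a successful match's capture ($1) is untainted by Perl.
    return $raw =~ $re ? $1 : undef;
}

for my $name (qw(user report)) {
    my $clean = untaint_param($name);
    if (defined $clean) {
        printf "%-6s accepted: %s (tainted: %s)\n",
            $name, $clean, tainted($clean) ? 'yes' : 'no';
    }
    else {
        printf "%-6s rejected: value does not match the allowlist\n", $name;
    }
}
```

The patterns describe what a valid value looks like instead of listing bad characters, so anything unexpected is rejected by default; a catch-all such as `/(.*)/` would clear the taint flag without checking anything.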