You got a lot of good pointers (a lot of good pointers), but it all starts with perlsec, and perlfaq9:My CGI script runs from the command line but not the browser. (500 Server Error) (from which you get this, this, and this). If some of these look old, don't worry, it's all still very much relevant/applicable/lifesaving.
 

Look ma', I'm on CPAN.

---

** The Third rule of perl club is a statement of fact: pod is sexy.