It's not a script, it's a process. Start with perlsec and Ovid's CGI Course. Super Search here for 'security', 'taint', 'cgi', javascript, etc for particular cases.

What particular security problems are you having?

After Compline,
Zaxo