I would guess that your problem stems from the improper quoting of parameters being passed to your AddAvatars stored proc. It looks like there a single quote missing after $FileName in the prepare statement:

... \@AvatarName = '$FileName, \@Game = '$Game', ...
                             ^ single quote missing here
[download]

Also, can you place holders for the parameters? Try something like:

$STH = $DBH -> prepare ('exec AddAvatars ?, @Creator = ?, @ContactMeth
+od = ?, @ContactAddress = ?, @AvatarName = ?, @Game = ?, @Section = ?
+, @Width = ?, @Height = ?') or die "$DBI::errstr;";
$STH -> bind_param_inout(1, \$Error, 1);
$STH -> bind_param(2, $Creator);
$STH -> bind_param(3, $ContactMethod);
...etc...
$STH -> execute or die "$DBI::errstr;";
[download]

Note that using place holders allows you to simplify the syntax of your SQL. You can use single quotes for the statement and there's no need to escape the at-signs.