I was actually asking why PHP is considered okay to run in shared environments from a security standpoint, not why people like to program it.
Your facts about PHP and Perl's architectures are not correct. Both of them are written in C, both of them compile to bytecode before execution, and even with a bytecode cache like the Zend cache, Perl is still faster than PHP.
Perl is equally vulnerable to buffer overflows, being written in C as well. The reason you don't see many reports of these problems in Perl is that a lot of people spent a lot of time finding and fixing them. The core Perl 5 codebase has had many years to mature.