edit cookie.txt?

bobnew32

6:57 am on Aug 2, 2005 (gmt 0)


I know someone who only relies on cookie information to log in, where I know and have heard that is foolish. Is it possible to edit cookie.txt successfully, or another text page that's browser-specific? I want to know before I give them the grave news and be wrong. Thx guys.

mcibor

10:51 am on Aug 2, 2005 (gmt 0)


The server cannot change the whole cookie.txt, only the server-related part. However, the user can change all of the cookie.txt that he wants.

Cookies are not for storing possibly dangerous data (such as a password) or data that can be misused (e.g. price). For that you should use a database or a file (better a db).
In a cookie you can store e.g. the username for simpler login, non-relevant data like a filter, the session id, etc.

Remember that if you use _SESSION it usually relies on a cookie, so it's not so foolish.
I use only a cookie to pass the logged-in info (I store the rnd number and username; the whole information is stored in the db. I check if the rnd number for the username is correct, then the user is logged in. It's quite secure.)

So to tell the truth, it really depends on what's being stored in that cookie, not on the usage of cookies themselves, that may pose a threat to webpage security.

Hope this clears some things up
Michal Cibor
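
The check described in the reply above (a random number plus the username in the cookie, verified against server-side storage), as an added example that is not part of the original post. The function names and the `$tokenStore` array standing in for the database are hypothetical, and hashing the stored token and comparing with `hash_equals` are assumptions added here, not details from the thread.

```php
<?php
// Added example, not code from the thread. $tokenStore stands in for the
// database table the post mentions; all function names are hypothetical.

$tokenStore = [];   // username => SHA-256 of the random token issued at login

// Called after the password check succeeds: returns the cookie value to set.
function issueLoginCookie(array &$store, string $username): string
{
    $token = bin2hex(random_bytes(32));          // 256-bit CSPRNG value, not rand()
    $store[$username] = hash('sha256', $token);  // only the hash is kept server-side
    return $token . ':' . $username;             // token is hex, so it has no ':'
}

// Called on every request: returns the logged-in username, or null.
function checkLoginCookie(array $store, string $cookie): ?string
{
    $parts = explode(':', $cookie, 2);
    if (count($parts) !== 2) {
        return null;                             // malformed or hand-edited cookie
    }
    [$token, $username] = $parts;
    if (!isset($store[$username])) {
        return null;                             // no active login for that name
    }
    // Constant-time comparison of the stored hash with the presented token's hash.
    return hash_equals($store[$username], hash('sha256', $token)) ? $username : null;
}

// Constructed sample data.
$aliceCookie = issueLoginCookie($tokenStore, 'alice');
$bobCookie   = issueLoginCookie($tokenStore, 'bob');

// The genuine cookie is accepted.
var_dump(checkLoginCookie($tokenStore, $aliceCookie) === 'alice');

// The username in the cookie file is edited by hand: rejected, because the
// token issued to bob does not match the hash stored for alice.
$edited = explode(':', $bobCookie, 2)[0] . ':alice';
var_dump(checkLoginCookie($tokenStore, $edited) === null);

// A cookie carrying only a name, with no token to verify, is rejected.
var_dump(checkLoginCookie($tokenStore, 'alice') === null);
```

The security of the scheme rests entirely on the token being unguessable and checked on the server; the username in the cookie is only a lookup key.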