diff --git a/scripts/zmcamtool.pl.in b/scripts/zmcamtool.pl.in index 603c979bb..b7665d7d2 100644 --- a/scripts/zmcamtool.pl.in +++ b/scripts/zmcamtool.pl.in @@ -351,8 +351,11 @@ sub exportsql { } } - if ($ARGV[0]) { - $command .= qq( --where="Name = '$ARGV[0]'"); + my $name = $ARGV[0]; + if ($name) { + $name =~ /([A-Za-z0-9 -]*)/; # Only allow alphanumeric, dash and space + $name = $1; + $command .= qq( --where="Name = '$name'"); } $command .= " zm Controls MonitorPresets";