diff --git a/lib/browse/Criteria.inc b/lib/browse/Criteria.inc
index a7d2c16..160d2ce 100644
--- a/lib/browse/Criteria.inc
+++ b/lib/browse/Criteria.inc
@@ -245,7 +245,7 @@ class BrowseCriterion {
 function searchSQL ($aRequest, $handle_not = true) {
 $val = null;
 if ($this->bString) {
- $val = array($this->getSearchTable() . "." . $this->getSearchField() . " LIKE '%!%'", array($aRequest[$this->getWidgetBase()]));
+ $val = array($this->getSearchTable() . "." . $this->getSearchField() . " LIKE '%!%'", array(DBUtil::escapeSimple($aRequest[$this->getWidgetBase()])));
 } else {
 $val = array($this->getSearchTable() . "." . $this->getSearchField() . " = ?", array($aRequest[$this->getWidgetBase()]));
 }
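Review bot: In the bString branch the request value is still spliced into the statement text through the `!` marker (which looks like the raw-insert placeholder), so the query stays safe only while DBUtil::escapeSimple covers every character that matters inside the quoted pattern and no caller forgets it. Binding the whole pattern the way the else branch already binds its value would remove that dependency: `$val = array($this->getSearchTable() . "." . $this->getSearchField() . " LIKE ?", array('%' . $aRequest[$this->getWidgetBase()] . '%'));`. With either form, `%` and `_` in the request value presumably still act as LIKE wildcards, since quote-escaping helpers normally leave them alone; if that is intended, a comment such as `// % and _ from the request are deliberately left as wildcards` would record it. The value is also read from `$aRequest` without a check that the key is set or holds a string. The body of searchSQL continues outside the hunk, so later use of `$val` and `$handle_not` cannot be checked here.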