diff --git a/htdocs/compta/cashcontrol/class/cashcontrol.class.php b/htdocs/compta/cashcontrol/class/cashcontrol.class.php
index 3d3e97bab6f..d05a99ac709 100644
--- a/htdocs/compta/cashcontrol/class/cashcontrol.class.php
+++ b/htdocs/compta/cashcontrol/class/cashcontrol.class.php
@@ -125,8 +125,8 @@ class CashControl extends CommonObject
 		$sql .= ", ".$this->opening;
         $sql .= ", 0";										// Draft by default
 		$sql .= ", '".$this->db->idate(dol_now())."'";
-		$sql .= ", '".$this->posmodule."'";
-		$sql .= ", '".$this->posnumber."'";
+		$sql .= ", '".$this->db->escape($this->posmodule)."'";
+		$sql .= ", '".$this->db->escape($this->posnumber)."'";
 		$sql .= ")";
 
 		$this->db->begin();