diff --git a/admin/cat_modify.php b/admin/cat_modify.php
index 261f1c0c6..6eb1fbc5d 100644
--- a/admin/cat_modify.php
+++ b/admin/cat_modify.php
@@ -106,7 +106,8 @@ if (isset($_POST['submit']))
 $conf['allow_html_descriptions'] ?
 @$_POST['comment'] : strip_tags(@$_POST['comment']),
 );
-
+
+ $data['name'] = pwg_db_real_escape_string($data['name']);
 if ($conf['activate_comments'])
 {
 $data['commentable'] = isset($_POST['commentable'])? 'true':'false';
@@ -211,7 +212,7 @@ if (!empty($category['id_uppercat']))
 $template->assign(
 array(
- 'CATEGORIES_NAV' => preg_replace("# {2,}#"," ",preg_replace("#(\r\n|\n\r|\n|\r)#"," ",$navigation)),
+ 'CATEGORIES_NAV' => preg_replace("# {2,}#"," ",preg_replace("#(\r\n|\n\r|\n|\r)#"," ",pwg_db_real_escape_string($navigation))),
 'CAT_ID' => $category['id'],
 'CAT_NAME' => @htmlspecialchars($category['name']),
 'CAT_COMMENT' => @htmlspecialchars($category['comment']),
diff --git a/include/ws_functions/pwg.categories.php b/include/ws_functions/pwg.categories.php
index abce8aaa7..c41ce24d9 100644
--- a/include/ws_functions/pwg.categories.php
+++ b/include/ws_functions/pwg.categories.php
@@ -647,7 +647,8 @@ function ws_categories_add($params, &$service)
 // TODO do not strip tags if pwg_token is provided (and valid)
 $options['comment'] = strip_tags($params['comment']);
 }
-
+
+ $params['name'] = pwg_db_real_escape_string($params['name']);
 $creation_output = create_virtual_category(
 strip_tags($params['name']), // TODO do not strip tags if pwg_token is provided (and valid)
 $params['parent'],
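Review bot: Only `$data['name']` receives `pwg_db_real_escape_string` in the first hunk, while `$data['comment']`, built from `@$_POST['comment']` on the context lines just above, stays in the same `$data` array unescaped; if the downstream update helper escapes nothing, that field carries the same risk, and if it escapes every field, the new line double-escapes `name` and stores a backslash in the database. Escaping at the point the array is assembled rather than where the query is built makes either outcome invisible from this hunk, so I would escape all string fields of `$data` in one place immediately before the update call, or leave it to the helper and record that contract with `// $data fields are escaped by the update helper, do not pre-escape`, whichever matches the helper. The value is also overwritten in place, so any later reuse of `$data['name']` for display would show the escaped form. The enclosing `if (isset($_POST['submit']))` block starts before the hunk and its update call lies outside it.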
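Review bot: The new `CATEGORIES_NAV` line applies SQL escaping, `pwg_db_real_escape_string($navigation)`, to a value that goes straight to the template, where the sibling `CAT_NAME` and `CAT_COMMENT` lines use `@htmlspecialchars` for the HTML context; a category name containing an apostrophe would render with a stray backslash, and SQL escaping protects nothing in output. The escaping this value needs is the HTML one, applied to the name segments at the point `$navigation` is assembled (presumably before this hunk), so this line should go back to `'CATEGORIES_NAV' => preg_replace("# {2,}#"," ",preg_replace("#(\r\n|\n\r|\n|\r)#"," ",$navigation)),`. The `$template->assign(` call continues past the end of the hunk.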
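Review bot: The added `$params['name'] = pwg_db_real_escape_string($params['name']);` overwrites the caller's parameter in place and runs before the `strip_tags($params['name'])` on the next line, so everything later in `ws_categories_add` sees the escaped form, and any echo of `$params['name']` in the web-service response would carry backslashes. If `create_virtual_category` already escapes its name argument this double-escapes; if it does not, any other caller of that function remains unprotected, which argues for escaping inside it next to the query rather than in one caller. At minimum keep the escaped value local, `$name = pwg_db_real_escape_string(strip_tags($params['name']));`, and pass `$name` to `create_virtual_category`, with a comment stating whether the callee expects pre-escaped input. The function body starts and ends outside the hunk.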