diff --git a/Sccp_manager.inc/dbinterface.class.php b/Sccp_manager.inc/dbinterface.class.php
index 99b6c24..f5e7ce7 100644
--- a/Sccp_manager.inc/dbinterface.class.php
+++ b/Sccp_manager.inc/dbinterface.class.php
@@ -205,13 +205,13 @@ class dbinterface
 case 'byciscoid':
 if (!empty($filter)) {
 if (!empty($filter['model'])) {
- if (strpos($filter['model'], 'loadInformation')) {
- $stmt = $dbh->prepare('SELECT ' . $sel_inf . ' FROM sccpdevmodel WHERE (loadinformationid =' . $filter['model'] . ') ORDER BY model');
- } else {
- $stmt = $dbh->prepare('SELECT ' . $sel_inf . ' FROM sccpdevmodel WHERE (loadinformationid = loadInformation' . $filter['model'] . ') ORDER BY model');
+ if (!strpos($filter['model'], 'loadInformation')) {
+ $filter['model'] = 'loadInformation' . $filter['model'];
 }
+ $stmt = $dbh->prepare("SELECT {$sel_inf} FROM sccpdevmodel WHERE (loadinformationid = :model ) ORDER BY model");
+ $stmt->bindParam(':model', $filter['model'], \PDO::PARAM_STR);
 } else {
- $stmt = $dbh->prepare('SELECT ' . $sel_inf . ' FROM sccpdevmodel ORDER BY model');
+ $stmt = $dbh->prepare("SELECT {$sel_inf} FROM sccpdevmodel ORDER BY model");
 }
 break;
 }