diff --git a/php/modules/Import.php b/php/modules/Import.php
index 4d28226..2ecca57 100644
--- a/php/modules/Import.php
+++ b/php/modules/Import.php
@@ -87,8 +87,11 @@ class Import extends Module {
 
 				$out = '';
 				$ret = '';
+				$file = escapeshellarg($file);
+				$cmd = $osmv . " $file " . LYCHEE_DATA . $tmpdirname;
+
+				@exec($cmd, $out, $ret);
 
-				@exec($osmv . ' ' . $file . ' ' . LYCHEE_DATA . $tmpdirname, $out, $ret);
 				if (isset($ret)&&($ret>0)) Log::error($database, __METHOD__, __LINE__, "Failed to move directory or file ($ret):" . $file);
 
 			}