diff --git a/src/modules/api/api.js b/src/modules/api/api.js
index 489f2ad..77da458 100644
--- a/src/modules/api/api.js
+++ b/src/modules/api/api.js
@@ -393,7 +393,10 @@ function GetApp() {
   app.post('/login', (req, res) => {
     logger.LogReq(req)
     const pw = req.body.pw
-      ? req.body.pw.replace("'", '').replace('"', '')
+      ? req.body.pw
+          .replace(/'/g, '')
+          .replace(/"/g, '')
+          .replace(/;/g, '')
       : false
     const cid = req.body.cid
     const isScript = req.body.script