diff --git a/mobile/shop/listtype.php b/mobile/shop/listtype.php
index 093353ecc..9012546af 100644
--- a/mobile/shop/listtype.php
+++ b/mobile/shop/listtype.php
@@ -1,7 +1,7 @@
 <?php
 include_once('./_common.php');
 
-$type = $_REQUEST['type'];
+$type = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $_REQUEST['type']);
 if ($type == 1)      $g5['title'] = '히트상품';
 else if ($type == 2) $g5['title'] = '추천상품';
 else if ($type == 3) $g5['title'] = '최신상품';
diff --git a/shop/_common.php b/shop/_common.php
index 5cdeec8c4..33919b91c 100644
--- a/shop/_common.php
+++ b/shop/_common.php
@@ -3,7 +3,7 @@ include_once('../common.php');
 
 if (isset($_REQUEST['sort']))  {
     $sort = trim($_REQUEST['sort']);
-    $sort = preg_replace("/[\<\>\'\"\%\=\(\)\s]/", "", $sort);
+    $sort = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $sort);
 } else {
     $sort = '';
 }
diff --git a/shop/listtype.php b/shop/listtype.php
index a6a6d8346..4691f398f 100644
--- a/shop/listtype.php
+++ b/shop/listtype.php
@@ -6,7 +6,7 @@ if (G5_IS_MOBILE) {
     return;
 }
 
-$type = $_REQUEST['type'];
+$type = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $_REQUEST['type']);
 if ($type == 1)      $g5['title'] = '히트상품';
 else if ($type == 2) $g5['title'] = '추천상품';
 else if ($type == 3) $g5['title'] = '최신상품';