diff --git a/htdocs/includes/odtphp/odf.php b/htdocs/includes/odtphp/odf.php
index a13a3923eabb60c8c3b416978561a2eac361b272..26d1c05721915f05901f45fe0ab58dddafdb0b19 100644
--- a/htdocs/includes/odtphp/odf.php
+++ b/htdocs/includes/odtphp/odf.php
@@ -489,11 +489,11 @@ IMG;
 		$name=preg_replace('/\.odt/i', '', $name);
 		if (!empty($conf->global->MAIN_DOL_SCRIPTS_ROOT))
 		{
-			$command = $conf->global->MAIN_DOL_SCRIPTS_ROOT.'/scripts/odt2pdf/odt2pdf.sh '.$name.' '.(is_numeric($conf->global->MAIN_ODT_AS_PDF)?'jodconverter':$conf->global->MAIN_ODT_AS_PDF);
+			$command = $conf->global->MAIN_DOL_SCRIPTS_ROOT.'/scripts/odt2pdf/odt2pdf.sh '.escapeshellcmd($name).' '.(is_numeric($conf->global->MAIN_ODT_AS_PDF)?'jodconverter':$conf->global->MAIN_ODT_AS_PDF);
 		}
 		else
 		{
-			$command = '../../scripts/odt2pdf/odt2pdf.sh '.$name.' '.(is_numeric($conf->global->MAIN_ODT_AS_PDF)?'jodconverter':$conf->global->MAIN_ODT_AS_PDF);
+			$command = '../../scripts/odt2pdf/odt2pdf.sh '.escapeshellcmd($name).' '.(is_numeric($conf->global->MAIN_ODT_AS_PDF)?'jodconverter':$conf->global->MAIN_ODT_AS_PDF);
 		}