diff --git a/modules/document/document.admin.view.php b/modules/document/document.admin.view.php
index 0022fb365..53eb92212 100644
--- a/modules/document/document.admin.view.php
+++ b/modules/document/document.admin.view.php
@@ -59,6 +59,9 @@
 Context::set('status_name_list', $statusNameList);
 Context::set('page_navigation', $output->page_navigation);
+ $oSecurity = new Security();
+ $oSecurity->encodeHTML('document_list..variables.');
+
 // set a search option used in the template
 $count_search_option = count($this->search_option);
 for($i=0;$i<$count_search_option;$i++)
 {
diff --git a/modules/install/install.admin.controller.php b/modules/install/install.admin.controller.php
index a0618d56f..1020a0393 100644
--- a/modules/install/install.admin.controller.php
+++ b/modules/install/install.admin.controller.php
@@ -150,7 +150,7 @@ $buff = ' $val)
 {
 if(!$val) continue;
- if(preg_match('/(<\?|<\?php|\?>)/xsm', preg_replace('/\s/', '', $val)))
+ if(preg_match('/(<\?|<\?php|\?>|fputs|fopen|fwrite|fgets|fread|\/\*|\*\/|chr\()/xsm', preg_replace('/\s/', '', $val)))
 {
 continue;
 }
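Review bot: `$oSecurity->encodeHTML('document_list..variables.')` escapes every field of every `document_list` entry at the data layer, before the template runs, so a template that already escapes on output will double-encode, and a field that the template is meant to render as HTML would be lost; I cannot see the `Security` class or the template from here, so this should be confirmed against both before merging. If the blanket escape is intended, the double-dot path syntax is not self-explanatory and deserves a comment such as `// HTML-escape every variable of each document_list entry (".." = all entries) before the template renders them`. The enclosing method starts and ends outside the hunk.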
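Review bot: The extended pattern on the `+` line is still a denylist applied to a value that is written into generated PHP source, and matching function names and comment tokens cannot enumerate every way a string could change the meaning of the emitted file; the robust fix is to render each value with `var_export($val, true)` (or an equivalently quoted literal) at the point where it is appended to `$buff`, so the content of `$val` is never interpreted as code and this regex becomes unnecessary. The `continue` also silently drops a setting instead of rejecting the input, leaving an incomplete config file with no error reported; failing the install for a rejected value would make the problem visible. The loop that writes `$buff` and its enclosing function lie outside the hunk, and the hunk's header line appears garbled by HTML stripping, so the exact write statement cannot be verified here.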