diff --git a/pages/account/25.php b/pages/account/25.php
index 034518e..ab0e6b2 100644
--- a/pages/account/25.php
+++ b/pages/account/25.php
@@ -37,13 +37,13 @@
 		$domcount = mysql_num_rows($r2);
 ?>
   <tr>
-    <td class="DataTD"><?=($row['O'])?>, <?=($row['ST'])?> <?=($row['C'])?></td>
-    <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?=$row['id']?>"><?=_("Domains")?> (<?=$domcount?>)</a></td>
+    <td class="DataTD"><?=htmlspecialchars($row['O'])?>, <?=htmlspecialchars($row['ST'])?> <?=htmlspecialchars($row['C'])?></td>
+    <td class="DataTD"><a href="account.php?id=26&amp;orgid=<?=intval($row['id'])?>"><?=_("Domains")?> (<?=$domcount?>)</a></td>
     <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td>
     <td class="DataTD"><a href="account.php?id=27&amp;orgid=<?=$row['id']?>"><?=_("Edit")?></a></td>
     <td class="DataTD"><a href="account.php?id=31&amp;orgid=<?=$row['id']?>"><?=_("Delete")?></a></td>
     <? if(array_key_exists('viewcomment',$_REQUEST) && $_REQUEST['viewcomment']!='') { ?>
-    <td class="DataTD"><?=($row['comments'])?></td>
+    <td class="DataTD"><?=sanitizeHTML($row['comments'])?></td>
     <? } ?>
   </tr>
 <? } ?>