diff --git a/Classes/Domain/Model/Transfer/FilterDto.php b/Classes/Domain/Model/Transfer/FilterDto.php
index 7d5fff14..8dcf57ea 100644
--- a/Classes/Domain/Model/Transfer/FilterDto.php
+++ b/Classes/Domain/Model/Transfer/FilterDto.php
@@ -91,7 +91,7 @@ public function __construct(int $timePeriod = self::PERIOD_DEFAULT)
 public function getSearchterm(): string
 {
- return $this->searchterm;
+ return StringUtility::sanitizeString($this->searchterm);
 }
 public function isSearchtermSet(): bool
@@ -112,7 +112,7 @@ public function setSearchterm(string $searchterm): self
 public function getPid(): string
 {
- return $this->pid;
+ return StringUtility::sanitizeString($this->pid);
 }
 public function isPidSet(): bool
@@ -128,7 +128,7 @@ public function setPid(string $pid): self
 public function getTimeFrom(): string
 {
- return $this->timeFrom;
+ return StringUtility::sanitizeString($this->timeFrom);
 }
 public function isTimeFromSet(): bool
@@ -153,7 +153,7 @@ public function setTimeFrom(string $timeFrom): self
 public function getTimeTo(): string
 {
- return $this->timeTo;
+ return StringUtility::sanitizeString($this->timeTo);
 }
 public function isTimeToSet(): bool
@@ -308,7 +308,7 @@ public function removeShortMode(): self
 public function getDomain(): string
 {
- return $this->domain;
+ return StringUtility::sanitizeString($this->domain);
 }
 public function isDomainSet(): bool
@@ -324,7 +324,7 @@ public function setDomain(string $domain): self
 public function getSite(): string
 {
- return StringUtility::cleanString($this->site);
+ return StringUtility::sanitizeString($this->site);
 }
 public function isSiteSet(): bool
@@ -344,7 +344,7 @@ public function setSite(string $site): self
 public function getUtmCampaign(): string
 {
- return $this->utmCampaign;
+ return StringUtility::sanitizeString($this->utmCampaign);
 }
 public function isUtmCampaignSet(): bool
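Review bot: `getPid()`, `getTimeFrom()` and `getTimeTo()` now apply the same free-text blacklist as the search term, although their values have a much narrower shape; if `pid` is, as the name suggests, a comma-separated list of page ids, a whitelist such as `return preg_replace('/[^0-9,]/', '', $this->pid);` is both stricter and easier to reason about, and the two time strings can be validated with `DateTime::createFromFormat()` instead of being character-stripped. Sanitising in a DTO getter should also not be what protects the repositories: a keyword-only payload like `1 or 1 like 1` survives `sanitizeString()` unchanged, so wherever these getters are concatenated into SQL (not visible in this diff) the values should be bound with `createNamedParameter()` and this stripping treated as defence in depth. `getSite()` swaps `StringUtility::cleanString()` for `sanitizeString()`, dropping whatever normalisation `cleanString()` performed (it takes a `$toLower` flag), which deserves a sentence in the commit message or a test. Since the `is*Set()` checks visible further down compare the sanitised getter against `''`, a value consisting only of stripped characters now reads as not set; a short docblock on each getter, e.g. `/** Sanitised on read; may be shorter than the value that was set. */`, would make that explicit.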
@@ -352,7 +352,7 @@ public function isUtmCampaignSet(): bool
 return $this->getUtmCampaign() !== '';
 }
- public function setUtmCampaign(string $utmCampaign): FilterDto
+ public function setUtmCampaign(string $utmCampaign): self
 {
 $this->utmCampaign = $utmCampaign;
 return $this;
@@ -360,7 +360,7 @@ public function setUtmCampaign(string $utmCampaign): FilterDto
 public function getUtmSource(): string
 {
- return $this->utmSource;
+ return StringUtility::sanitizeString($this->utmSource);
 }
 public function isUtmSourceSet(): bool
@@ -368,7 +368,7 @@ public function isUtmSourceSet(): bool
 return $this->getUtmSource() !== '';
 }
- public function setUtmSource(string $utmSource): FilterDto
+ public function setUtmSource(string $utmSource): self
 {
 $this->utmSource = $utmSource;
 return $this;
@@ -376,7 +376,7 @@ public function setUtmSource(string $utmSource): FilterDto
 public function getUtmMedium(): string
 {
- return $this->utmMedium;
+ return StringUtility::sanitizeString($this->utmMedium);
 }
 public function isUtmMediumSet(): bool
@@ -384,7 +384,7 @@ public function isUtmMediumSet(): bool
 return $this->getUtmMedium() !== '';
 }
- public function setUtmMedium(string $utmMedium): FilterDto
+ public function setUtmMedium(string $utmMedium): self
 {
 $this->utmMedium = $utmMedium;
 return $this;
@@ -392,7 +392,7 @@ public function setUtmMedium(string $utmMedium): FilterDto
 public function getUtmContent(): string
 {
- return $this->utmContent;
+ return StringUtility::sanitizeString($this->utmContent);
 }
 public function isUtmContentSet(): bool
@@ -424,7 +424,7 @@ public function setBranchCode(int $branchCode): self
 public function getRevenueClass(): string
 {
- return $this->revenueClass;
+ return StringUtility::sanitizeString($this->revenueClass);
 }
 public function isRevenueClassSet(): bool
@@ -440,7 +440,7 @@ public function setRevenueClass(string $revenueClass): self
 public function getSizeClass(): string
 {
- return $this->sizeClass;
+ return StringUtility::sanitizeString($this->sizeClass);
 }
 public function isSizeClassSet(): bool
@@ -513,7 +513,7 @@ public function isSet(): bool
 public function isTimeFromOrTimeToSet(): bool
 {
- return $this->timeFrom !== '' || $this->timeTo !== '';
+ return $this->isTimeFromSet() || $this->isTimeToSet();
 }
 /**
@@ -523,9 +523,15 @@ public function isTimeFromOrTimeToSet(): bool
 */
 protected function isOnlySearchtermGiven(): bool
 {
- return $this->searchterm !== '' && $this->pid === '' && $this->scoring === 0 && $this->categoryScoring === null
- && $this->timeFrom === '' && $this->timeTo === '' && $this->timePeriod === self::PERIOD_DEFAULT
- && $this->identified === self::IDENTIFIED_ALL && $this->domain === '';
+ return $this->isSearchtermSet()
+ && $this->isPidSet() === false
+ && $this->isScoringSet() === false
+ && $this->isCategoryScoringSet() === false
+ && $this->isTimeFromSet() === false
+ && $this->isTimeToSet() === false
+ && $this->timePeriod === self::PERIOD_DEFAULT
+ && $this->identified === self::IDENTIFIED_ALL
+ && $this->isDomainSet() === false;
 }
 /**
diff --git a/Classes/Domain/Repository/PagevisitRepository.php b/Classes/Domain/Repository/PagevisitRepository.php
index 29a55798..a00d6496 100644
--- a/Classes/Domain/Repository/PagevisitRepository.php
+++ b/Classes/Domain/Repository/PagevisitRepository.php
@@ -21,7 +21,6 @@
 use In2code\Lux\Utility\FrontendUtility;
 use In2code\Luxenterprise\Domain\Repository\ShortenerRepository;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
-use TYPO3\CMS\Core\Utility\MathUtility;
 use TYPO3\CMS\Extbase\Persistence\Exception\InvalidQueryException;
 use TYPO3\CMS\Extbase\Persistence\QueryInterface;
 use TYPO3\CMS\Extbase\Persistence\QueryResultInterface;
diff --git a/Classes/Utility/StringUtility.php b/Classes/Utility/StringUtility.php
index deffe696..121e5046 100644
--- a/Classes/Utility/StringUtility.php
+++ b/Classes/Utility/StringUtility.php
@@ -57,6 +57,23 @@ public static function cleanString(string $string, bool $toLower = false, string
 return $string;
 }
+ /**
+ * Clean strings like GET or POST params for SQL usage or usage in HTML. Disallowed characters are removed.
+ * Disallowed characters to sanitize SQL queries are: /\+*#?$%&!='"`´<>{}[]() and -- (double minus)
+ *
+ * Example replacements:
+ * 'Réne Nüßer' => 'Réne Nüßer',
+ * 'Not this/\+=*#?$%&!;"\'´`<>{}[]()--nono' => 'Not thisnono',
+ * 'But this@here.-_is,ok' => 'But this@here.-_is,ok',
+ *
+ * @param string $string
+ * @return string
+ */
+ public static function sanitizeString(string $string): string
+ {
+ return preg_replace('/[\/\\*#?$%&!=\'"`´<>{}\[\]()]|--/', '', $string);
+ }
+
 public static function getRandomString(int $length = 32, bool $lowerAndUpperCase = true): string
 {
 $characters = implode('', range(0, 9)) . implode('', range('a', 'z'));
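Review bot: The regex in `sanitizeString()` disagrees with the docblock above it: in a single-quoted PHP string `\\*` collapses to `\*`, so the backslash only escapes the asterisk and is never matched itself, and `+` and `;` are absent from the class, which means the documented example `'Not this/\+=*#?$%&!;"\'´`<>{}[]()--nono'` actually returns `Not this\+;nono`, not `Not thisnono`. The pattern also has no `u` modifier although it contains the two-byte literal `´` (`\xC2\xB4`), so PCRE matches those bytes individually and strips single bytes out of unrelated characters — `ô` (`\xC3\xB4`) loses its second byte and `©` (`\xC2\xA9`) its first, leaving invalid UTF-8 in the output. Both are fixed by `return preg_replace('/[\/\\\\+*#?$%&!;=\'"`´<>{}\[\]()]|--/u', '', $string) ?? '';`, where the `?? ''` also honours the declared `string` return type because `preg_replace()` returns null on a PCRE error, which `u` will now raise for malformed input. Independently of that, a character blacklist cannot be what makes these values "safe for SQL" as the docblock claims: a keyword-only payload such as `1 or 1 like 1` passes through untouched, so callers should still bind values with `createNamedParameter()` and treat this helper as defence in depth only.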