diff --git a/common.php b/common.php
index 85507b17d..d17b0ae49 100644
--- a/common.php
+++ b/common.php
@@ -255,7 +255,7 @@ function sql_escape_string($str)
 if (isset($_REQUEST['sst'])) {
 $sst = trim($_REQUEST['sst']);
- $sst = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $sst);
+ $sst = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*\s]/", "", $sst);
 if ($sst) $qstr .= '&sst=' . urlencode($sst); // search sort (검색 정렬 필드)
 } else {
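Review bot: The `preg_replace` on `$sst` is still a denylist, so any character not named in the class passes through unchanged, and having to add `/`, `^` and `*` here suggests the list will keep needing extensions. The trailing comment describes `sst` as the search sort field, so an allowlist fits better, for example `$sst = preg_replace('/[^A-Za-z0-9_,]/', '', $sst);`, or stricter still, a comparison against the known sortable column names at the point where the value is consumed. How `$sst` reaches a query is not visible in this hunk, so the permitted set should be confirmed against its callers before switching. The `if`/`else` block continues past the last line of the hunk.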