diff --git a/core/user_settings/user_dashboard.php b/core/user_settings/user_dashboard.php
index bab13405a2..9b44e493f2 100644
--- a/core/user_settings/user_dashboard.php
+++ b/core/user_settings/user_dashboard.php
@@ -939,7 +939,7 @@
 //disk usage
 if (stristr(PHP_OS, 'Linux')) {
 $df = shell_exec("/usr/bin/which df");
- $tmp = shell_exec($df." /home");
+ $tmp = shell_exec($df." /home 2>&1");
 $tmp = explode("\n", $tmp);
 $tmp = preg_replace('!\s+!', ' ', $tmp[1]); // multiple > single space
 $tmp = explode(' ', $tmp);
@@ -1005,7 +1005,7 @@
 if (stristr(PHP_OS, 'Linux')) {
 unset($tmp);
 $cut = shell_exec("/usr/bin/which cut");
- $uptime = shell_exec($cut." -d. -f1 /proc/uptime");
+ $uptime = shell_exec(escapeshellcmd($cut." -d. -f1 /proc/uptime"));
 $tmp['y'] = floor($uptime/60/60/24/365);
 $tmp['d'] = $uptime/60/60/24%365;
 $tmp['h'] = $uptime/60/60%24;
@@ -1029,7 +1029,7 @@
 if (stristr(PHP_OS, 'Linux')) {
 $free = shell_exec("/usr/bin/which free");
 $awk = shell_exec("/usr/bin/which awk");
- $percent_memory = round(shell_exec($free." | ".$awk." 'FNR == 3 {print $3/($3+$4)*100}'"), 1);
+ $percent_memory = round(shell_exec(escapeshellcmd($free." | ".$awk." 'FNR == 3 {print $3/($3+$4)*100}'")), 1);
 if ($percent_memory != '') {
 $hud[$n]['html'] .= "
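Review bot: The `2>&1` added to the `df` call in the disk-usage hunk does not reliably attach to `df`, because `$df` is the raw output of `which df` and still ends in a newline when it is concatenated. Merging stderr into the text that `$tmp[1]` is parsed from also lets a warning line shift or replace the data row. Trimming the path with `$df = trim((string) shell_exec("/usr/bin/which df"));`, discarding stderr with `2>/dev/null`, and checking `isset($tmp[1])` before the `preg_replace` would keep the parsed input predictable. PHP's `disk_total_space('/home')` and `disk_free_space('/home')` would remove the shell call altogether. The enclosing block starts and ends outside the hunk.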
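Review bot: `escapeshellcmd()` on the uptime line wraps a whole command line built only from constants and the output of `which cut`, so it neutralises no untrusted input, and it backslash-escapes shell metacharacters wherever they occur. The same wrapper on the `free | awk` line in the following hunk escapes `|`, `$`, `(`, `{` and `*`, so the pipe reaches `free` as a literal argument and the awk program text is altered; that hunk's tail is outside the visible text. If a path ever does need quoting, `escapeshellarg()` on the trimmed path alone is the right tool, leaving the rest of the command untouched. For uptime no shell is needed: `$uptime = (int) explode('.', (string) file_get_contents('/proc/uptime'))[0];`, assuming `/proc/uptime` is readable under the configured `open_basedir`.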