diff --git a/src/Skobkin/Bundle/PointToolsBundle/Service/AbstractApi.php b/src/Skobkin/Bundle/PointToolsBundle/Service/AbstractApi.php
index cec0234..62a0019 100644
--- a/src/Skobkin/Bundle/PointToolsBundle/Service/AbstractApi.php
+++ b/src/Skobkin/Bundle/PointToolsBundle/Service/AbstractApi.php
@@ -79,6 +79,11 @@ class AbstractApi
 */
 public function sendPostRequest($path, array $parameters = [])
 {
+ // Cleaning POST parameters from potential @file injections
+ array_walk($parameters, function (string &$value, string $key) {
+ str_replace('@', '', $value);
+ });
+
 /** @var GuzzleRequest $request */
 $request = $this->client->post($path, null, $parameters);
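Review bot: The added callback discards the result of `str_replace('@', '', $value);`, and since str_replace returns a new string rather than modifying its argument, `$parameters` reaches `$this->client->post()` unchanged and the `@file` protection is a no-op. Assign the result back through the reference, e.g. `$value = ltrim($value, '@');`, which removes only the leading `@` that the upload syntax presumably keys on and leaves values such as e-mail addresses intact (use `$value = str_replace('@', '', $value);` if stripping every `@` is really intended). The `string &$value` type declaration will also throw a TypeError if any parameter is an array or other non-scalar, so either guard with `is_string($value)` or document that only flat string parameters are accepted. A test that posts a value beginning with `@` and asserts what is actually sent would pin the behaviour. sendPostRequest's body continues past the end of the hunk.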