diff --git a/administrator/components/com_config/Model/ApplicationModel.php b/administrator/components/com_config/Model/ApplicationModel.php
index aca7b26312c75..afc695af45709 100644
--- a/administrator/components/com_config/Model/ApplicationModel.php
+++ b/administrator/components/com_config/Model/ApplicationModel.php
@@ -30,6 +30,7 @@
 use Joomla\CMS\Uri\Uri;
 use Joomla\CMS\User\UserHelper;
 use Joomla\Database\DatabaseDriver;
+use Joomla\Database\ParameterType;
 use Joomla\Registry\Registry;
 use Joomla\Utilities\ArrayHelper;
@@ -829,10 +830,11 @@ public function storePermissions($permission = null)
 try
 {
 // Get the asset id by the name of the component.
- $query = $this->getDbo()->getQuery(true)
- ->select($this->getDbo()->quoteName('id'))
- ->from($this->getDbo()->quoteName('#__assets'))
- ->where($this->getDbo()->quoteName('name') . ' = ' . $this->getDbo()->quote($permission['component']));
+ $query = $this->_db->getQuery(true)
+ ->select($this->_db->quoteName('id'))
+ ->from($this->_db->quoteName('#__assets'))
+ ->where($this->_db->quoteName('name') . ' = :component')
+ ->bind(':component', $permission['component']);
 $this->_db->setQuery($query);
@@ -855,7 +857,8 @@ public function storePermissions($permission = null)
 $query->clear()
 ->select($this->_db->quoteName('parent_id'))
 ->from($this->_db->quoteName('#__assets'))
- ->where($this->_db->quoteName('id') . ' = ' . $assetId);
+ ->where($this->_db->quoteName('id') . ' = :assetid')
+ ->bind(':assetid', $assetId, ParameterType::INTEGER);
 $this->_db->setQuery($query);
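Review bot: In the hunk at -829, `->bind(':component', $permission['component'])` passes an array offset straight to `bind()`, which takes its value by reference (the later hunk introduces `$rule` for that reason). PHP creates a missing offset silently when it is taken by reference, so a call without a `component` key would run the asset lookup with a null name instead of surfacing the missing input; whether `$permission` is validated before this point cannot be seen from the hunk. Copying the value into a local first keeps the bound value explicit and matches the `$rule` pattern: `$component = $permission['component'];` followed by `->bind(':component', $component)`. The `try` block opened here continues outside the hunk.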
@@ -863,10 +866,12 @@ public function storePermissions($permission = null)
 }
 // Get the group parent id of the current group.
+ $rule = (int) $permission['rule'];
 $query->clear()
 ->select($this->_db->quoteName('parent_id'))
 ->from($this->_db->quoteName('#__usergroups'))
- ->where($this->_db->quoteName('id') . ' = ' . (int) $permission['rule']);
+ ->where($this->_db->quoteName('id') . ' = :rule')
+ ->bind(':rule', $rule, ParameterType::INTEGER);
 $this->_db->setQuery($query);
@@ -876,7 +881,8 @@ public function storePermissions($permission = null)
 $query->clear()
 ->select('COUNT(' . $this->_db->quoteName('id') . ')')
 ->from($this->_db->quoteName('#__usergroups'))
- ->where($this->_db->quoteName('parent_id') . ' = ' . (int) $permission['rule']);
+ ->where($this->_db->quoteName('parent_id') . ' = :rule')
+ ->bind(':rule', $rule, ParameterType::INTEGER);
 $this->_db->setQuery($query);
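Review bot: The new `$rule` local in the hunk at -863 has no comment saying why it exists, and its name hides that it holds a user-group id matched against `#__usergroups`. Because `bind()` takes its value by reference, the cast result has to live in a variable, and that variable should stay unchanged until both usergroup queries have run (the hunk at -876 binds `:rule` to the same `$rule`). I would state that above the assignment, e.g. `// bind() takes a reference: cast the group id once and leave $rule unchanged until both usergroup queries have run.`, and move the assignment above the existing "Get the group parent id" comment so that comment stays attached to its query. The enclosing function starts and ends outside these hunks.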