diff --git a/libraries/src/Language/Associations.php b/libraries/src/Language/Associations.php
index fe753a8a700bc..661714713cdb0 100644
--- a/libraries/src/Language/Associations.php
+++ b/libraries/src/Language/Associations.php
@@ -12,6 +12,7 @@
 use Joomla\CMS\Factory;
 use Joomla\CMS\Plugin\PluginHelper;
+use Joomla\Database\ParameterType;
 use Joomla\Registry\Registry;
 /**
@@ -46,6 +47,9 @@ public static function getAssociations($extension, $tablename, $context, $id, $p
 // To avoid doing duplicate database queries.
 static $multilanguageAssociations = array();
+ // Cast before creating cache key.
+ $id = (int) $id;
+
 // Multilanguage association array key. If the key is already in the array we don't need to run the query again, just return it.
 $queryKey = md5(serialize(array_merge(array($extension, $tablename, $context, $id), $advClause)));
@@ -53,24 +57,40 @@ public static function getAssociations($extension, $tablename, $context, $id, $p
 {
 $multilanguageAssociations[$queryKey] = array();
- $db = Factory::getDbo();
- $categoriesExtraSql = (($tablename === '#__categories') ? ' AND c2.extension = ' . $db->quote($extension) : '');
- $query = $db->getQuery(true)
- ->select($db->quoteName('c2.language'))
+ $db = Factory::getDbo();
+ $query = $db->getQuery(true);
+ $categoriesExtraSql = '';
+
+ if ($tablename === '#__categories')
+ {
+ $categoriesExtraSql = ' AND c2.extension = :extension1';
+ $query->bind(':extension1', $extension);
+ }
+
+ $query->select($db->quoteName('c2.language'))
 ->from($db->quoteName($tablename, 'c'))
- ->join('INNER', $db->quoteName('#__associations', 'a') . ' ON a.id = c.' . $db->quoteName($pk) . ' AND a.context=' . $db->quote($context))
- ->join('INNER', $db->quoteName('#__associations', 'a2') . ' ON ' . $db->quoteName('a.key') . ' = ' . $db->quoteName('a2.key'))
- ->join('INNER', $db->quoteName($tablename, 'c2') . ' ON a2.id = c2.' . $db->quoteName($pk) . $categoriesExtraSql);
+ ->join(
+ 'INNER',
+ $db->quoteName('#__associations', 'a'), $db->quoteName('a.id') . ' = ' . $db->quoteName('c.' . $pk)
+ . ' AND ' . $db->quoteName('a.context') . ' = :context'
+ )
+ ->bind(':context', $context)
+ ->join('INNER', $db->quoteName('#__associations', 'a2'), $db->quoteName('a.key') . ' = ' . $db->quoteName('a2.key'))
+ ->join(
+ 'INNER',
+ $db->quoteName($tablename, 'c2'),
+ $db->quoteName('a2.id') . ' = ' . $db->quoteName('c2.' . $pk) . $categoriesExtraSql
+ );
 // Use alias field ?
 if (!empty($aliasField))
 {
 $query->select(
 $query->concatenate(
- array(
+ [
 $db->quoteName('c2.' . $pk),
 $db->quoteName('c2.' . $aliasField),
- ),
+ ],
 ':'
 ) . ' AS ' . $db->quoteName($pk)
 );
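Review bot: The values `$extension` and `$context` are now bound, but `$tablename`, `$pk` and `$aliasField` still reach the SQL text as identifiers through `$db->quoteName()` in the new `->from()`, `->join()` and `concatenate()` calls, and quoting an identifier does not validate it. Nothing visible in this hunk restricts those arguments to a known set of table and column names, so the method's docblock (outside the hunk) should state the contract, for example `@param string $pk Primary key column name; must be a developer-supplied constant, never request input`, with the same wording for `$tablename`, `$aliasField` and `$catField`. The body of getAssociations starts and ends outside this hunk.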
@@ -85,21 +105,28 @@ public static function getAssociations($extension, $tablename, $context, $id, $p
 {
 $query->join(
 'INNER',
- $db->quoteName('#__categories', 'ca') . ' ON ' . $db->quoteName('c2.' . $catField) . ' = ca.id AND ca.extension = ' . $db->quote($extension)
+ $db->quoteName('#__categories', 'ca'),
+ $db->quoteName('c2.' . $catField) . ' = ' . $db->quoteName('ca.id') . ' AND ' . $db->quoteName('ca.extension') . ' = :extension2'
 )
+ ->bind(':extension2', $extension)
 ->select(
 $query->concatenate(
- array('ca.id', 'ca.alias'),
+ [
+ $db->quoteName('ca.id'),
+ $db->quoteName('ca.alias'),
+ ],
 ':'
 ) . ' AS ' . $db->quoteName($catField)
 );
 }
- $query->where('c.' . $pk . ' = ' . (int) $id);
+ $query->where($db->quoteName('c.' . $pk) . ' = :id')
+ ->bind(':id', $id, ParameterType::INTEGER);
 if ($tablename === '#__categories')
 {
- $query->where('c.extension = ' . $db->quote($extension));
+ $query->where($db->quoteName('c.extension') . ' = :extension3')
+ ->bind(':extension3', $extension);
 }
 // Advanced where clause
diff --git a/libraries/src/Language/LanguageHelper.php b/libraries/src/Language/LanguageHelper.php
index ff3f9c4f8dfee..899caae98838c 100644
--- a/libraries/src/Language/LanguageHelper.php
+++ b/libraries/src/Language/LanguageHelper.php
@@ -150,9 +150,9 @@ public static function getLanguages($key = 'default')
 $db = Factory::getDbo();
 $query = $db->getQuery(true)
 ->select('*')
- ->from('#__languages')
- ->where('published=1')
- ->order('ordering ASC');
+ ->from($db->quoteName('#__languages'))
+ ->where($db->quoteName('published') . ' = 1')
+ ->order($db->quoteName('ordering') . ' ASC');
 $db->setQuery($query);
 $languages['default'] = $db->loadObjectList();
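Review bot: After this hunk `$advClause` looks like the one caller-supplied input to getAssociations that is still not bound; the hunk ends on the `// Advanced where clause` comment and the code that consumes the array lies outside it, so this is inferred rather than visible. If its entries are handed to `$query->where()` as ready-made SQL fragments, that spot deserves a comment such as `// $advClause entries are appended verbatim; callers must quote or bind any values they contain.` The same expectation belongs in the `$advClause` line of the method's docblock, so that extension authors do not assume this method parameterizes those clauses for them.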
@@ -211,11 +211,22 @@ public static function getInstalledLanguages($clientId = null, $processMetaData
 $db = Factory::getDbo();
 $query = $db->getQuery(true)
- ->select($db->quoteName(array('element', 'name', 'client_id', 'extension_id')))
+ ->select(
+ [
+ $db->quoteName('element'),
+ $db->quoteName('name'),
+ $db->quoteName('client_id'),
+ $db->quoteName('extension_id'),
+ ]
+ )
 ->from($db->quoteName('#__extensions'))
- ->where($db->quoteName('type') . ' = ' . $db->quote('language'))
- ->where($db->quoteName('state') . ' = 0')
- ->where($db->quoteName('enabled') . ' = 1');
+ ->where(
+ [
+ $db->quoteName('type') . ' = ' . $db->quote('language'),
+ $db->quoteName('state') . ' = 0',
+ $db->quoteName('enabled') . ' = 1',
+ ]
+ );
 $installedLanguages = $db->setQuery($query)->loadObjectList();
diff --git a/libraries/src/Language/Multilanguage.php b/libraries/src/Language/Multilanguage.php
index 593f0b6366a32..32909e471b5ff 100644
--- a/libraries/src/Language/Multilanguage.php
+++ b/libraries/src/Language/Multilanguage.php
@@ -68,18 +68,22 @@ public static function isEnabled(CMSApplication $app = null, DatabaseInterface $
 // Determine status of language filter plugin.
 $db = $db ?: Factory::getDbo();
 $query = $db->getQuery(true)
- ->select('enabled')
+ ->select($db->quoteName('enabled'))
 ->from($db->quoteName('#__extensions'))
- ->where($db->quoteName('type') . ' = ' . $db->quote('plugin'))
- ->where($db->quoteName('folder') . ' = ' . $db->quote('system'))
- ->where($db->quoteName('element') . ' = ' . $db->quote('languagefilter'));
+ ->where(
+ [
+ $db->quoteName('type') . ' = ' . $db->quote('plugin'),
+ $db->quoteName('folder') . ' = ' . $db->quote('system'),
+ $db->quoteName('element') . ' = ' . $db->quote('languagefilter'),
+ ]
+ );
 $db->setQuery($query);
- static::$enabled = $db->loadResult();
+ static::$enabled = (bool) $db->loadResult();
 $tested = true;
 }
- return (bool) static::$enabled;
+ return static::$enabled;
 }
 /**
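Review bot: Dropping the cast in `return static::$enabled;` at the end of isEnabled makes the returned type depend on every other write to `static::$enabled`, and only the assignment inside this hunk is visibly cast to bool. Any assignment earlier in the method (its body starts outside the hunk) or in a subclass, since the property is reached through `static::`, would now be returned unchanged. Keeping `return (bool) static::$enabled;` costs nothing and preserves the boolean result for callers that compare it strictly.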
@@ -101,12 +105,20 @@ public static function getSiteHomePages(DatabaseInterface $db = null)
 // Check for Home pages languages.
 $db = $db ?: Factory::getDbo();
 $query = $db->getQuery(true)
- ->select('language')
- ->select('id')
+ ->select(
+ [
+ $db->quoteName('language'),
+ $db->quoteName('id'),
+ ]
+ )
 ->from($db->quoteName('#__menu'))
- ->where('home = 1')
- ->where('published = 1')
- ->where('client_id = 0');
+ ->where(
+ [
+ $db->quoteName('home') . ' = ' . $db->quote('1'),
+ $db->quoteName('published') . ' = 1',
+ $db->quoteName('client_id') . ' = 0',
+ ]
+ );
 $db->setQuery($query);
 $multilangSiteHomePages = $db->loadObjectList('language');
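Review bot: In the new `->where([...])` array `home` is compared with a quoted string, `$db->quote('1')`, while `published` and `client_id` in the next two entries are compared with bare integers, and the removed line used `home = 1`. If the string comparison is deliberate, for instance because of the column's type on one of the supported drivers (the hunk does not show this), it needs a one-line comment above that entry giving the reason; otherwise write `$db->quoteName('home') . ' = 1'` to match its neighbours. The body of getSiteHomePages starts and ends outside the hunk.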