diff --git a/app/models/vehicle.rb b/app/models/vehicle.rb
index c2d7c75..de57649 100644
--- a/app/models/vehicle.rb
+++ b/app/models/vehicle.rb
@@ -50,9 +50,10 @@ class Vehicle < ActiveRecord::Base
 write_attribute(:vin, val)
 end
- # search for a vin
- def self.search(search)
- where("vin LIKE ?", "%#{search}%")
+ # search for a vehicle by vin, make, model, or year
+ def self.search(query)
+ q = sanitize_sql_like(query)
+ where("vin LIKE ? OR make LIKE ? OR model LIKE ? OR year LIKE ?", "%#{q}%", "%#{q}%", "%#{q}%", "%#{q}%")
 end
 # decodes a vin and updates self
diff --git a/app/views/vehicles/_search.html.erb b/app/views/vehicles/_search.html.erb
index 27ba490..8844d06 100644
--- a/app/views/vehicles/_search.html.erb
+++ b/app/views/vehicles/_search.html.erb
@@ -1,4 +1,4 @@
 <%= form_tag(vehicles_path, method: "get", id: "search-form") do %>
- <%= text_field_tag :search, params[:search], placeholder: t(:label_search_vin), autocomplete: "off" %>
+ <%= text_field_tag :search, params[:search], placeholder: t(:label_search), autocomplete: "off" %>
 <%= submit_tag t(:label_search) %>
 <% end %>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index ab5e2f9..abba34a 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -28,7 +28,7 @@ en:
 label_model: "Model"
 label_new_vehicle: "New Customer Vehicle"
 label_no_vehicles: "There are no vehicles containing the term(s)"
- label_search_vin: "Search Vehicles by VIN"
+ label_search: "Search Vehicles"
 label_year: "Year"
 no_customer: "Customer no longer exists"
 notice_vehicle_created: "Vehicle was successfully created."
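Review bot: `sanitize_sql_like(query)` in the new `self.search` calls `gsub` on its argument, so a nil query would now raise where the old interpolation simply produced `%%`. This could happen if the controller passes `params[:search]` from a request without that parameter, though the caller is not visible here. `q = sanitize_sql_like(query.to_s)` keeps the previous behaviour. The escaping also relies on backslash being the LIKE escape character, which is the default on MySQL and PostgreSQL but not on SQLite unless each condition carries an explicit `ESCAPE` clause, so `%` and `_` in user input may still act as wildcards depending on the adapter. `year LIKE ?` assumes `year` is a text column; if it is an integer, PostgreSQL rejects the comparison and a cast would be needed. The class body continues outside the hunk.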