diff --git a/out/out.LogManagement.php b/out/out.LogManagement.php
index 314e95d98..9375b9258 100644
--- a/out/out.LogManagement.php
+++ b/out/out.LogManagement.php
@@ -27,7 +27,7 @@ if (!$user->isAdmin()) {
 	UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
 }
 
-if (isset($_GET["logname"])) $logname=$_GET["logname"];
+if (isset($_GET["logname"])) $logname=basename($_GET["logname"]);
 else $logname=NULL;
 
 if (isset($_GET["mode"])) $mode=$_GET["mode"];
diff --git a/views/bootstrap/class.LogManagement.php b/views/bootstrap/class.LogManagement.php
index d60968706..22b764f8b 100644
--- a/views/bootstrap/class.LogManagement.php
+++ b/views/bootstrap/class.LogManagement.php
@@ -137,15 +137,11 @@ class SeedDMS_View_LogManagement extends SeedDMS_Bootstrap_Style {
 <?php
 		$this->htmlEndPage();
 		} elseif(file_exists($this->contentdir.$logname)){
-//			$this->htmlStartPage(getMLText("backup_tools"));
-
-//			$this->contentSubHeading(sanitizeString($logname));
-
 			echo $logname."<pre>\n";
 			readfile($this->contentdir.$logname);
 			echo "</pre>\n";
-
-//			echo "</body>\n</html>\n";
+		} else {
+			UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
 		}
 
 	} /* }}} */