diff --git a/CHANGELOG b/CHANGELOG
index 6ca2bc415..8ebf17ebb 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -10,6 +10,7 @@
 - output splash message when removing, editing, adding a category or keyword
 - extensions cannot be disabled/enabled if configuration file is not writeable
 - prevent cross site scripting in views/bootstrap/class.DefaultKeywords.php
+- fix possible DoS in op/op.RemoveLog.php
 --------------------------------------------------------------------------------
 Changes in version 5.1.24
diff --git a/op/op.RemoveLog.php b/op/op.RemoveLog.php
index d698965b6..ab33ad0bb 100644
--- a/op/op.RemoveLog.php
+++ b/op/op.RemoveLog.php
@@ -41,6 +41,7 @@ if (!isset($_POST["lognames"]) || !is_array($_POST["lognames"])) {
 $lognames = $_POST["lognames"];
 foreach($lognames as $file) {
+ $file = basename($file, '.log').'.log';
 if(!file_exists($settings->_contentDir.'log/'.$file)) {
 UI::exitError(getMLText("admin_tools"),getMLText("unknown_id"));
 }
diff --git a/out/out.RemoveLog.php b/out/out.RemoveLog.php
index 96002c535..4fa445af8 100644
--- a/out/out.RemoveLog.php
+++ b/out/out.RemoveLog.php
@@ -49,6 +49,7 @@ if(!is_array($_GET["logname"]))
 else
 $lognames = $_GET["logname"];
 foreach($lognames as $file) {
+ $file = basename($file, '.log').'.log';
 if(!file_exists($settings->_contentDir.'log/'.$file)) {
 UI::exitError(getMLText("admin_tools"),getMLText("unknown_id"));
 }
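Review bot: In the op/op.RemoveLog.php hunk the normalised name is assigned only to the loop variable `$file`, so `$lognames` still holds the raw request values once this existence-check loop finishes; if the actual unlink further down (outside the hunk) iterates `$lognames` again, it would operate on the unvalidated name and the check would guard a different path than the one removed. Normalising the array once, before both loops, keeps validation and deletion on the same value, e.g. replacing `$lognames = $_POST["lognames"];` with `$lognames = array_map(function($f) { return basename((string)$f, '.log').'.log'; }, $_POST["lognames"]);`. The same point applies to the out/out.RemoveLog.php hunk, where the view presumably re-reads the names after this loop. A non-string element in the request array (nested arrays are possible in `$_POST`/`$_GET`) would also reach `basename()` unchecked, which is a TypeError on PHP 8; an `if(!is_string($file))` guard routed to the existing `UI::exitError(...)` branch covers that case.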