Hi @eurjchem,
This is possibly an automated search for security flaws in older versions of OJS. The operation that the request is attempting to access is password-protected and should only be accessible to administrator accounts; unless someone has gotten access to an admin account, you’re safe.
I do recommend updating to the latest OJS 3.3.0-x release, though, and suggest reviewing your list of administrators to ensure that there are no surprises. See this thread for some concrete suggestions.
Regards,
Alec Smecher
Public Knowledge Project Team