The attacker is trying to exploit Joomla component called com_s5clanroster
which is vulnerable to SQL Injection.
An SQL injection vulnerability has been reported in Joomla Com
S5clanroster. Successful exploitation of this vulnerability would
allow a remote attacker to execute arbitrary SQL commands on the
affected system.
https://www.checkpoint.com/defense/advisories/public/2014/cpai-2014-2169.html
That same component was also vulnerable to LFI:
[o] Exploit
http://localhost/[path]/index.php?option=com_s5clanroster&view=[LFI]
http://localhost/[path]/index.php?option=com_s5clanroster&controller=[LFI]
http://www.securityfocus.com/bid/39503
Maybe you don't have that component installed or maybe you are running different CMS, but make sure that you check your website is up-to-date. And not only that, also check if different plugins are still maintained by author, because I saw vulnerable plugins with no updates available from author - and that is consider as a big problem.
Here is another example which can lead to another problem: Expired Domain Leads to WordPress Plugin Redirects
Consider to use ModSecurity (Open Source Web Application Firewall). How to?