Ans 1) 2
So first we do a simple Nmap scan and we see the port 21,80,2222 open
Ans 2) ssh
Becuase its running on 2222 instead its usual 22 now.
Ans 3) CVE-2019-9053 this is python script for the Simple CMS we found by directory busting the IP and finding the /simple when we google search that name we find that there is a SQLI injection vulnerability on exploit db which is python script.
As stated above its a sql injection script and we can find a lot of information through it like the salt,username,etc.