"The most difficult way, I think, is getting the CMS`s source and finding an vuln that nobody has found yet. "
Always one of my first steps:
1) Info gathering (checking out hosts, ports, etc.). I use nmap for this.
2) Determine site version number
3) Download site software and check for exploits on my own server.
Advantages to doing it the posted way:
-Quick
-Efficient
Disadvantages:
-Usually leaves log files with all your info
-You don't learn anything! Learning is what hacking is all about!
Advantages to my way:
-You know what the program you are running does (No sketchy software)
-After you find the exploit keep it for safekeeping -- You never know when you might need it next. Build a little library of private exploits.
Disadvantages:
-Takes a long time
-Might have to learn PHP and SQL