Using SQL injection, we inject the following query: 1' UNION SELECT * FROM products -- . However, we soon realize that we need to escalate privileges to gain write access to the products table.