Comment Don't blame Google (Score 1) 156
In several cases, the SQLi target was posted in a hacking forum, blog or exploit site, then Google bots perform a request to the link and indexes it (title, content).
If you have a procedure with 10 parameters, you probably missed some.