I only found one exploitable example browsing the first few pages, whereas the majority of the OP's results looked fairly exploitable.

The difference is that SQL injection will only happen when using raw queries.

System (as you mentioned) or EXEC injections, however, may get out of hand.