Process.Start is the first one to come to mind.
I am sure that WindowsIdentity and much of System.Security can also be used for evil.
Of course, there are SQL injection attacks, but I don't think that's what you mean (though remote execution can occur through SQL Server).
