diff --git a/api/project_aggregation.py b/api/project_aggregation.py
index 154fd7d..c1f89e0 100644
--- a/api/project_aggregation.py
+++ b/api/project_aggregation.py
@@ -10,6 +10,7 @@ import traceback
 
 from bson import ObjectId
 from fastapi import APIRouter, Depends, BackgroundTasks
+from pymongo import DESCENDING
 
 from api.task import create_scan_task, delete_asset
 from api.users import verify_token
@@ -54,4 +55,33 @@ async def get_projects_asset_count(request_data: dict, db=Depends(get_mongo_db),
     return {"code": 200, "data": {
         "subdomainCount": subdomain_count,
         "vulCount": vulnerability_count
-    }}
\ No newline at end of file
+    }}
+
+
+@router.post("/project/vul/statistics")
+async def get_projects_vul_statistics(request_data: dict, db=Depends(get_mongo_db), _: dict = Depends(verify_token)):
+    id = request_data.get("id", "")
+    pipeline = [
+        {"$match": {"project": id}},
+        {
+            "$group": {
+                "_id": "$level",
+                "count": {"$sum": 1}
+            }
+        }
+    ]
+    result = await db['vulnerability'].aggregate(pipeline).to_list(None)
+    return {"code": 200, "data": result}
+
+
+@router.post("/project/vul/data")
+async def get_projects_vul_data(request_data: dict, db=Depends(get_mongo_db), _: dict = Depends(verify_token)):
+    id = request_data.get("id", "")
+    cursor: AsyncIOMotorCursor = db.vulnerability.find({"project": id}, {"_id": 0, "url": 1, "vulname": 1, "level": 1, "time": 1, "matched": 1}).sort([("time", DESCENDING)])
+    result = await cursor.to_list(length=None)
+    return {
+        "code": 200,
+        "data": {
+            'list': result
+        }
+    }
diff --git a/api/system.py b/api/system.py
index 0033d5f..53794fb 100644
--- a/api/system.py
+++ b/api/system.py
@@ -43,7 +43,6 @@ async def get_system_version(redis_con=Depends(get_redis_pool), _: dict = Depend
                 scan_lversion = r_json["scan"]
                 scan_msg = r_json['scan_msg']
             except Exception as e:
-                # logger.error(traceback.format_exc())
                 logger.error(f"An unexpected error occurred: {e}")
 
     result_list = [{"name": "ScopeSentry-Server", "cversion": VERSION, "lversion": server_lversion, "msg": server_msg}]
diff --git a/api/vulnerability.py b/api/vulnerability.py
index f9243f2..3bc0804 100644
--- a/api/vulnerability.py
+++ b/api/vulnerability.py
@@ -34,7 +34,7 @@ async def get_vul_data(request_data: dict, db=Depends(get_mongo_db), _: dict = D
             }
         }
         # Perform pagination query
-        cursor: AsyncIOMotorCursor = db.vulnerability.find(query).skip((page_index - 1) * page_size).limit(page_size).sort([("timestamp", DESCENDING)])
+        cursor: AsyncIOMotorCursor = db.vulnerability.find(query).skip((page_index - 1) * page_size).limit(page_size).sort([("time", DESCENDING)])
         result = await cursor.to_list(length=None)
         # Process the result as needed
         response_data = []